mirror of
https://github.com/billz/raspap-webgui.git
synced 2023-10-10 13:37:24 +02:00
da69d3d768
update the page's CSRF tokens with the new token from the response header, verify csrf token in ajax endpoints, initialize a session for every endpoint
12 lines
240 B
PHP
12 lines
240 B
PHP
<?php
|
|
|
|
include_once('includes/functions.php');
|
|
include_once('includes/session.php');
|
|
|
|
if (csrfValidateRequest() && !CSRFValidate()) {
|
|
handleInvalidCSRFToken();
|
|
}
|
|
|
|
ensureCSRFSessionToken();
|
|
header('X-CSRF-Token', $_SESSION['csrf_token']);
|