beenull/raspap-webgui-mirror
1
0
Fork 0
mirror of https://github.com/RaspAP/raspap-webgui.git synced 2024-11-25 00:50:29 +00:00
Code Issues Projects Releases Packages Wiki Activity

add csrf meta tag (for use with xhr, for example)

Browse source
This commit is contained in:
glaszig 2019-07-30 17:22:03 +02:00
parent 87fe8948b8
commit 20bb9fe42f
2 changed files with 10 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
includes/functions.php
View file

@ -67,6 +67,15 @@ function CSRFToken()
<?php
}
/**
* Retuns a CSRF meta tag (for use with xhr, for example)
*/
function CSRFMetaTag()
{
$token = htmlspecialchars($_SESSION['csrf_token']);
return '<meta name="csrf_token" content="' . $token . '">';
}
/**
*
* Validate CSRF Token

1
index.php
View file

@ -64,6 +64,7 @@ $theme_url = 'dist/css/'.htmlspecialchars($theme, ENT_QUOTES);
<html lang="en">
<head>
<meta charset="utf-8">
<?php echo CSRFMetaTag() ?>
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<meta name="description" content="">