diff options
author | thomascube <thomas@roundcube.net> | 2007-08-10 08:27:40 +0000 |
---|---|---|
committer | thomascube <thomas@roundcube.net> | 2007-08-10 08:27:40 +0000 |
commit | 719a257f0c8fd750a4984ed56273dc653565729e (patch) | |
tree | 2707636618edff63d691180a99a48cbdda350703 /program/js/app.js | |
parent | 4b9efbb9f49911b17bde2d46b86df825e987101e (diff) |
Some bugfixes, security issues + minor improvements
Diffstat (limited to 'program/js/app.js')
-rw-r--r-- | program/js/app.js | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/program/js/app.js b/program/js/app.js index bda67002e..6cf9d4850 100644 --- a/program/js/app.js +++ b/program/js/app.js @@ -463,7 +463,7 @@ function rcube_webmail() break; case 'logout': - this.goto_url('logout'); + this.goto_url('logout', true); break; // commands to switch task @@ -3195,7 +3195,7 @@ function rcube_webmail() this.redirect = function(url, lock) { - if (lock || lock == NULL) + if (lock || lock === null) this.set_busy(true); if (this.env.framed && window.parent) @@ -3498,12 +3498,13 @@ function rcube_http_request() return false; } - var ref = this; + var _ref = this; this.url = url; this.busy = true; - this.xmlhttp.onreadystatechange = function(){ ref.xmlhttp_onreadystatechange(); }; + this.xmlhttp.onreadystatechange = function(){ _ref.xmlhttp_onreadystatechange(); }; this.xmlhttp.open('GET', url); + this.xmlhttp.setRequestHeader('X-RoundCube-Referer', bw.get_cookie('sessid')); this.xmlhttp.send(null); }; @@ -3537,6 +3538,7 @@ function rcube_http_request() this.xmlhttp.onreadystatechange = function() { ref.xmlhttp_onreadystatechange(); }; this.xmlhttp.open('POST', url, true); this.xmlhttp.setRequestHeader('Content-Type', contentType); + this.xmlhttp.setRequestHeader('X-RoundCube-Referer', bw.get_cookie('sessid')); this.xmlhttp.send(req_body); }; |