summaryrefslogtreecommitdiff
path: root/program/js
diff options
context:
space:
mode:
authorAleksander Machniak <alec@alec.pl>2014-12-15 13:47:55 +0100
committerAleksander Machniak <alec@alec.pl>2014-12-15 13:47:55 +0100
commit376cbfd4f2dfcf455717409b70d9d056cbeb08b1 (patch)
tree9258578b88810e0cef8e483bd2df30c9e044960d /program/js
parent753c8849accbbe0cb3ebef01e8b3e2ff3481a336 (diff)
Fix bugs where CSRF attacks were still possible on some requests
Diffstat (limited to 'program/js')
-rw-r--r--program/js/app.js9
1 files changed, 7 insertions, 2 deletions
diff --git a/program/js/app.js b/program/js/app.js
index fe9daddc8..7859ecbea 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -1336,8 +1336,10 @@ function rcube_webmail()
var url = this.get_task_url(task);
if (task == 'mail')
url += '&_mbox=INBOX';
- else if (task == 'logout' && !this.env.server_error)
+ else if (task == 'logout' && !this.env.server_error) {
+ url += '&_token=' + this.env.request_token;
this.clear_compose_data();
+ }
this.redirect(url);
};
@@ -1347,7 +1349,10 @@ function rcube_webmail()
if (!url)
url = this.env.comm_path;
- return url.replace(/_task=[a-z0-9_-]+/i, '_task='+task);
+ if (url.match(/[?&]_task=[a-zA-Z0-9_-]+/))
+ return url.replace(/_task=[a-zA-Z0-9_-]+/, '_task=' + task);
+ else
+ return url.replace(/\?.*$/, '') + '?_task=' + task;
};
this.reload = function(delay)