diff options
| author | Aleksander Machniak <alec@alec.pl> | 2014-12-15 13:47:55 +0100 |
|---|---|---|
| committer | Aleksander Machniak <alec@alec.pl> | 2014-12-15 13:47:55 +0100 |
| commit | 376cbfd4f2dfcf455717409b70d9d056cbeb08b1 (patch) | |
| tree | 9258578b88810e0cef8e483bd2df30c9e044960d /program/js | |
| parent | 753c8849accbbe0cb3ebef01e8b3e2ff3481a336 (diff) | |
Fix bugs where CSRF attacks were still possible on some requests
Diffstat (limited to 'program/js')
| -rw-r--r-- | program/js/app.js | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/program/js/app.js b/program/js/app.js index fe9daddc8..7859ecbea 100644 --- a/program/js/app.js +++ b/program/js/app.js @@ -1336,8 +1336,10 @@ function rcube_webmail() var url = this.get_task_url(task); if (task == 'mail') url += '&_mbox=INBOX'; - else if (task == 'logout' && !this.env.server_error) + else if (task == 'logout' && !this.env.server_error) { + url += '&_token=' + this.env.request_token; this.clear_compose_data(); + } this.redirect(url); }; @@ -1347,7 +1349,10 @@ function rcube_webmail() if (!url) url = this.env.comm_path; - return url.replace(/_task=[a-z0-9_-]+/i, '_task='+task); + if (url.match(/[?&]_task=[a-zA-Z0-9_-]+/)) + return url.replace(/_task=[a-zA-Z0-9_-]+/, '_task=' + task); + else + return url.replace(/\?.*$/, '') + '?_task=' + task; }; this.reload = function(delay) |