From 2a5d02ab8ea2e80d7d73f90b1d31994def0c7c43 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Tue, 21 Jul 2009 16:13:42 +0000
Subject: Also protect GET request from CSRF

---
 CHANGELOG | 1 +
 1 file changed, 1 insertion(+)

(limited to 'CHANGELOG')

diff --git a/CHANGELOG b/CHANGELOG
index 559a4b56c..2920238de 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -3,6 +3,7 @@ CHANGELOG RoundCube Webmail
 
 - Fix import of vCard entries with params (#1485453)
 - Fix HTML messages output with empty block elements (#1485974)
+- Use request tokens to protect POST requests from CSFR
 - Added hook when killing a session
 - Added hook to write_log function (#1485971)
 - Performance improvements by use UID commands (#1485690)
-- 
cgit v1.2.3