From 5499336feff22f682448dd99cc00a9b36701fcd1 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Tue, 21 Jul 2009 16:02:33 +0000
Subject: Use global request tokens and automatically protect all POST requests

---
 program/js/app.js | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'program/js/app.js')

diff --git a/program/js/app.js b/program/js/app.js
index 332ee877c..4ce354665 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -55,7 +55,7 @@ function rcube_webmail()
   // set jQuery ajax options
   jQuery.ajaxSetup({ cache:false,
     error:function(request, status, err){ ref.http_error(request, status, err); },
-    beforeSend:function(xmlhttp){ xmlhttp.setRequestHeader('X-RoundCube-Referer', bw.get_cookie('roundcube_sessid')); }
+    beforeSend:function(xmlhttp){ xmlhttp.setRequestHeader('X-RoundCube-Request', ref.env.request_token); }
   });
 
   // set environment variable(s)
-- 
cgit v1.2.3