diff options
author | Florian Pritz <bluewind@xinu.at> | 2016-09-27 19:09:40 +0200 |
---|---|---|
committer | Florian Pritz <bluewind@xinu.at> | 2016-11-01 17:29:04 +0100 |
commit | f7181f4f9cda47307957f8c09a48d6ceeccdfaa8 (patch) | |
tree | 3bbe4339dc14788942909078a9e96cd6d4c210d3 | |
parent | 39ec7b56cd022c125c44ca4acc33f8290f92731e (diff) |
Remove cli client CSRF whitelist
Signed-off-by: Florian Pritz <bluewind@xinu.at>
-rw-r--r-- | application/core/MY_Controller.php | 12 |
1 files changed, 0 insertions, 12 deletions
diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php index 68ee302a9..bf81afa14 100644 --- a/application/core/MY_Controller.php +++ b/application/core/MY_Controller.php @@ -70,23 +70,11 @@ class MY_Controller extends CI_Controller { "file/do_upload", "file/do_paste", ), - "cli_client" => array( - "file/do_delete", - "file/delete", - "file/do_multipaste", - "file/upload_history", - "user/create_apikey", - "file/get_max_size", - ), ); if (in_array($uri_start, $csrf_whitelisted_handlers["always"])) { $csrf_protection = false; } - if (is_api_client() && in_array($uri_start, $csrf_whitelisted_handlers["cli_client"])) { - $csrf_protection = false; - } - if ($csrf_protection && !$this->input->is_cli_request()) { // 2 functions for accessing config options, really? $this->config->set_item('csrf_protection', true); |