summaryrefslogtreecommitdiffstats
path: root/application/core
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2016-09-27 19:09:40 +0200
committerFlorian Pritz <bluewind@xinu.at>2016-11-01 17:29:04 +0100
commitf7181f4f9cda47307957f8c09a48d6ceeccdfaa8 (patch)
tree3bbe4339dc14788942909078a9e96cd6d4c210d3 /application/core
parent39ec7b56cd022c125c44ca4acc33f8290f92731e (diff)
Remove cli client CSRF whitelist
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application/core')
-rw-r--r--application/core/MY_Controller.php12
1 files changed, 0 insertions, 12 deletions
diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php
index 68ee302a9..bf81afa14 100644
--- a/application/core/MY_Controller.php
+++ b/application/core/MY_Controller.php
@@ -70,23 +70,11 @@ class MY_Controller extends CI_Controller {
"file/do_upload",
"file/do_paste",
),
- "cli_client" => array(
- "file/do_delete",
- "file/delete",
- "file/do_multipaste",
- "file/upload_history",
- "user/create_apikey",
- "file/get_max_size",
- ),
);
if (in_array($uri_start, $csrf_whitelisted_handlers["always"])) {
$csrf_protection = false;
}
- if (is_api_client() && in_array($uri_start, $csrf_whitelisted_handlers["cli_client"])) {
- $csrf_protection = false;
- }
-
if ($csrf_protection && !$this->input->is_cli_request()) {
// 2 functions for accessing config options, really?
$this->config->set_item('csrf_protection', true);