summaryrefslogtreecommitdiffstats
path: root/application/views
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2013-08-29 17:55:52 +0200
committerFlorian Pritz <bluewind@xinu.at>2013-09-02 22:02:27 +0200
commit285262b6c668b4f367f8222880ceb01be39fd3ac (patch)
tree2607d33e77a4ee38970a122eeb5fc4a8f60f9250 /application/views
parent84ce2c6ce0eb1b4f2f32c4ae0d7e08f3571f5018 (diff)
Add CSRF protection
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application/views')
-rw-r--r--application/views/file/client.php4
-rw-r--r--application/views/file_plaintext/client.php4
2 files changed, 4 insertions, 4 deletions
diff --git a/application/views/file/client.php b/application/views/file/client.php
index 5e141f141..29e254a80 100644
--- a/application/views/file/client.php
+++ b/application/views/file/client.php
@@ -42,7 +42,7 @@ machine <?php echo $domain; ?> login my_username password my_secret_password
<h1>Shell</h1>
<pre>
-curl -n -F "file=@/home/user/foo" <?php echo site_url(); ?> (binary safe)
-cat file | curl -n -F "file=@-;filename=stdin" <?php echo site_url(); ?> (binary safe)
+curl -n -F "file=@/home/user/foo" <?php echo site_url("file/do_upload"); ?> (binary safe)
+cat file | curl -n -F "file=@-;filename=stdin" <?php echo site_url("file/do_upload"); ?> (binary safe)
</pre>
diff --git a/application/views/file_plaintext/client.php b/application/views/file_plaintext/client.php
index b37fd81bd..0ab556df2 100644
--- a/application/views/file_plaintext/client.php
+++ b/application/views/file_plaintext/client.php
@@ -1,6 +1,6 @@
Shell (binary safe):
- curl -n -F "file=@/home/user/foo" <?php echo site_url()."\n"; ?>
- cat file | curl -n -F "file=@-;filename=stdin" <?php echo site_url()."\n"; ?>
+ curl -n -F "file=@/home/user/foo" <?php echo site_url("file/do_upload")."\n"; ?>
+ cat file | curl -n -F "file=@-;filename=stdin" <?php echo site_url("file/do_upload")."\n"; ?>
Client:
Development (git): http://git.server-speed.net/users/flo/fb