summaryrefslogtreecommitdiffstats
path: root/application
diff options
context:
space:
mode:
authorFlorian Pritz <bluewind@xinu.at>2016-09-27 19:09:40 +0200
committerFlorian Pritz <bluewind@xinu.at>2016-11-05 19:44:15 +0100
commit5bd431b4075be5b47ca17bd8b323ec1af9a7034c (patch)
treec40994477303a1b20d3c0ae8251a5397d517e5a3 /application
parenta23efbcccf25804ea3a72637595865b240c157ad (diff)
Remove cli client CSRF whitelist
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application')
-rw-r--r--application/core/MY_Controller.php12
1 files changed, 0 insertions, 12 deletions
diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php
index 68ee302a9..bf81afa14 100644
--- a/application/core/MY_Controller.php
+++ b/application/core/MY_Controller.php
@@ -70,23 +70,11 @@ class MY_Controller extends CI_Controller {
"file/do_upload",
"file/do_paste",
),
- "cli_client" => array(
- "file/do_delete",
- "file/delete",
- "file/do_multipaste",
- "file/upload_history",
- "user/create_apikey",
- "file/get_max_size",
- ),
);
if (in_array($uri_start, $csrf_whitelisted_handlers["always"])) {
$csrf_protection = false;
}
- if (is_api_client() && in_array($uri_start, $csrf_whitelisted_handlers["cli_client"])) {
- $csrf_protection = false;
- }
-
if ($csrf_protection && !$this->input->is_cli_request()) {
// 2 functions for accessing config options, really?
$this->config->set_item('csrf_protection', true);