diff options
author | Florian Pritz <bluewind@xinu.at> | 2016-09-27 19:09:40 +0200 |
---|---|---|
committer | Florian Pritz <bluewind@xinu.at> | 2016-11-05 19:44:15 +0100 |
commit | 5bd431b4075be5b47ca17bd8b323ec1af9a7034c (patch) | |
tree | c40994477303a1b20d3c0ae8251a5397d517e5a3 /application | |
parent | a23efbcccf25804ea3a72637595865b240c157ad (diff) |
Remove cli client CSRF whitelist
Signed-off-by: Florian Pritz <bluewind@xinu.at>
Diffstat (limited to 'application')
-rw-r--r-- | application/core/MY_Controller.php | 12 |
1 files changed, 0 insertions, 12 deletions
diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php index 68ee302a9..bf81afa14 100644 --- a/application/core/MY_Controller.php +++ b/application/core/MY_Controller.php @@ -70,23 +70,11 @@ class MY_Controller extends CI_Controller { "file/do_upload", "file/do_paste", ), - "cli_client" => array( - "file/do_delete", - "file/delete", - "file/do_multipaste", - "file/upload_history", - "user/create_apikey", - "file/get_max_size", - ), ); if (in_array($uri_start, $csrf_whitelisted_handlers["always"])) { $csrf_protection = false; } - if (is_api_client() && in_array($uri_start, $csrf_whitelisted_handlers["cli_client"])) { - $csrf_protection = false; - } - if ($csrf_protection && !$this->input->is_cli_request()) { // 2 functions for accessing config options, really? $this->config->set_item('csrf_protection', true); |