-rw-r--r--NEWS1
-rw-r--r--application/core/MY_Controller.php5
2 files changed, 6 insertions, 0 deletions
diff --git a/NEWS b/NEWS
index a7567a394..c2be585bb 100644
--- a/NEWS
+++ b/NEWS
@@ -1,6 +1,7 @@
This file lists major, incompatible or otherwise important changes, you should look at it after every update.
NEXT
+ - Fix CSRF issue breaking multipaste creation page
- Update codeigniter to 3.1.10
- Remove imagemagick PDF thumbnail support due to Arch Linux disabling it in
imagemagick due to repeated security concerns.
diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php
index a3b6d15d7..250c9d95c 100644
--- a/application/core/MY_Controller.php
+++ b/application/core/MY_Controller.php
@@ -117,6 +117,11 @@ class MY_Controller extends CI_Controller {
// 2 functions for accessing config options, really?
$this->config->set_item('csrf_protection', true);
config_item("csrf_protection", true);
+
+ if ($this->uri->uri_string() == "file/multipaste/ajax_submit") {
+ $this->config->set_item('csrf_regenerate', false);
+ }
+
$this->security->__construct();
$this->security->csrf_verify();
}
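Review bot: The added `if` block turns off `csrf_regenerate` for `file/multipaste/ajax_submit` without a comment saying why or what it costs. The token is still checked by `csrf_verify()` two lines below, but on this endpoint it is presumably no longer rotated after a successful request, so a token that leaks stays usable until it expires. I would add a comment above the condition, for example `// Keep the CSRF token stable for multipaste ajax_submit (regeneration broke the creation page); the token is still verified below, only rotation is skipped.`, so the exemption is not widened later without thought. As a style point, the comparison can be strict, `if ($this->uri->uri_string() === "file/multipaste/ajax_submit") {`, which makes it explicit that only this exact route is exempt. The enclosing method starts outside the hunk, so how `uri_string()` is normalised before this point cannot be confirmed from here.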