From f7181f4f9cda47307957f8c09a48d6ceeccdfaa8 Mon Sep 17 00:00:00 2001
From: Florian Pritz <bluewind@xinu.at>
Date: Tue, 27 Sep 2016 19:09:40 +0200
Subject: Remove cli client CSRF whitelist

Signed-off-by: Florian Pritz <bluewind@xinu.at>
---
 application/core/MY_Controller.php | 12 ------------
 1 file changed, 12 deletions(-)

diff --git a/application/core/MY_Controller.php b/application/core/MY_Controller.php
index 68ee302a9..bf81afa14 100644
--- a/application/core/MY_Controller.php
+++ b/application/core/MY_Controller.php
@@ -70,23 +70,11 @@ class MY_Controller extends CI_Controller {
 				"file/do_upload",
 				"file/do_paste",
 			),
-			"cli_client" => array(
-				"file/do_delete",
-				"file/delete",
-				"file/do_multipaste",
-				"file/upload_history",
-				"user/create_apikey",
-				"file/get_max_size",
-			),
 		);
 		if (in_array($uri_start, $csrf_whitelisted_handlers["always"])) {
 			$csrf_protection = false;
 		}
 
-		if (is_api_client() && in_array($uri_start, $csrf_whitelisted_handlers["cli_client"])) {
-			$csrf_protection = false;
-		}
-
 		if ($csrf_protection && !$this->input->is_cli_request()) {
 			// 2 functions for accessing config options, really?
 			$this->config->set_item('csrf_protection', true);
-- 
cgit v1.2.3-24-g4f1b