Jakach/jakach-login
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adding enhanced csrf protection
Deploy / deploy (push) Successful in 33s
Details

Browse Source
This commit is contained in:
janis steiner
2026-05-06 09:07:48 +02:00
parent 7ae7df0a11
commit d82a08f77b
25 changed files with 132 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app-code/api/login/check_pw.php
+4
View File
@@ -2,7 +2,11 @@
include "../utils/security.php";
secure_session_start();
require_same_origin_request();
require_csrf_token();
header('Content-Type: application/json');
if ($_SERVER['REQUEST_METHOD'] !== 'POST') {
json_response(['success' => false, 'message' => 'Invalid request method.'], 405);
}
$send_to=$_SESSION["end_url"];
include "../../config/config.php";