Jakach/jakach-login
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

adding enhanced csrf protection
Deploy / deploy (push) Successful in 33s
Details

Browse Source
This commit is contained in:
janis steiner
2026-05-06 09:07:48 +02:00
parent 7ae7df0a11
commit d82a08f77b
25 changed files with 132 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files
app-code/api/login/delete_keepmeloggedin.php
+5
View File
@@ -2,7 +2,12 @@
include "../utils/security.php";
secure_session_start();
require_same_origin_request();
require_csrf_token();
header('Content-Type: application/json');
if ($_SERVER['REQUEST_METHOD'] !== 'POST' && $_SERVER['REQUEST_METHOD'] !== 'DELETE') {
echo json_encode(['success' => false, 'message' => 'Invalid request method.']);
exit;
}
$send_to=$_SESSION["end_url"];
require_logged_in();