ncp-web: force reload CSRF tokens every timev0.53.23

3 files changed, 8 insertions, 3 deletions

diff --git a/changelog.md b/changelog.md
index a6df76b6..bcdb34fe 100644
--- a/changelog.md
+++ b/changelog.md
@@ -1,5 +1,9 @@
 
-[v0.53.21](https://github.com/nextcloud/nextcloudpi/commit/89f2b3e) (2018-04-05) ncp-web: make config.php into a table
+[v0.53.23](https://github.com/nextcloud/nextcloudpi/commit/b7ee6cd) (2018-04-05) ncp-web: force reload CSRF tokens every time
+
+[v0.53.22](https://github.com/nextcloud/nextcloudpi/commit/6f916a1) (2018-04-05) ncp-web: collapse sidebar menu when clicking in new sections
+
+[v0.53.21](https://github.com/nextcloud/nextcloudpi/commit/1618b2f) (2018-04-05) ncp-web: make config.php into a table
 
 [v0.53.20](https://github.com/nextcloud/nextcloudpi/commit/e0e9455) (2018-04-04) ncp-web: check for updates upon first run
 
diff --git a/ncp-web/index.php b/ncp-web/index.php
index 814420c6..f06aa1f3 100644
--- a/ncp-web/index.php
+++ b/ncp-web/index.php
@@ -36,7 +36,8 @@
     header("X-Robots-Tag: none");
     header("X-Permitted-Cross-Domain-Policies: none");
     header("X-Frame-Options: DENY");
-    header("Cache-Control: max-age=15778463");
+    header("Cache-Control: no-cache");
+    header('Pragma: no-cache');
     ini_set('session.cookie_httponly', 1);
     if (isset($_SERVER['HTTPS']))
       ini_set('session.cookie_secure', 1);
diff --git a/ncp-web/ncp.js b/ncp-web/ncp.js
index cac619b4..81820f0e 100644
--- a/ncp-web/ncp.js
+++ b/ncp-web/ncp.js
@@ -344,7 +344,7 @@ $(function()
     {
       var ret = $.parseJSON( result );
       if ( ret.token )
-        $('#csrf-token').set( { value: ret.token } );
+        $('#csrf-token-dash').set( { value: ret.token } );
       $('#loading-info-gif').hide();
       $('#dashboard-table').ht( ret.table );
       $('#dashboard-suggestions').ht( ret.suggestions );