diff options
author | nachoparker <nacho@ownyourbits.com> | 2018-04-05 03:27:33 +0300 |
---|---|---|
committer | nachoparker <nacho@ownyourbits.com> | 2018-04-05 03:27:53 +0300 |
commit | 7eecd81dd375a658dff1d2ea60fff714fe65678e (patch) | |
tree | 4d6dc970763387a8cb45358a5eb1996b9049cd29 | |
parent | eece4d08c921f074c97102af6f8e0907e1f866c0 (diff) |
ncp-web: force reload CSRF tokens every timev0.53.23
-rw-r--r-- | changelog.md | 6 | ||||
-rw-r--r-- | ncp-web/index.php | 3 | ||||
-rw-r--r-- | ncp-web/ncp.js | 2 |
3 files changed, 8 insertions, 3 deletions
diff --git a/changelog.md b/changelog.md index a6df76b6..bcdb34fe 100644 --- a/changelog.md +++ b/changelog.md @@ -1,5 +1,9 @@ -[v0.53.21](https://github.com/nextcloud/nextcloudpi/commit/89f2b3e) (2018-04-05) ncp-web: make config.php into a table +[v0.53.23](https://github.com/nextcloud/nextcloudpi/commit/b7ee6cd) (2018-04-05) ncp-web: force reload CSRF tokens every time + +[v0.53.22](https://github.com/nextcloud/nextcloudpi/commit/6f916a1) (2018-04-05) ncp-web: collapse sidebar menu when clicking in new sections + +[v0.53.21](https://github.com/nextcloud/nextcloudpi/commit/1618b2f) (2018-04-05) ncp-web: make config.php into a table [v0.53.20](https://github.com/nextcloud/nextcloudpi/commit/e0e9455) (2018-04-04) ncp-web: check for updates upon first run diff --git a/ncp-web/index.php b/ncp-web/index.php index 814420c6..f06aa1f3 100644 --- a/ncp-web/index.php +++ b/ncp-web/index.php @@ -36,7 +36,8 @@ header("X-Robots-Tag: none"); header("X-Permitted-Cross-Domain-Policies: none"); header("X-Frame-Options: DENY"); - header("Cache-Control: max-age=15778463"); + header("Cache-Control: no-cache"); + header('Pragma: no-cache'); ini_set('session.cookie_httponly', 1); if (isset($_SERVER['HTTPS'])) ini_set('session.cookie_secure', 1); diff --git a/ncp-web/ncp.js b/ncp-web/ncp.js index cac619b4..81820f0e 100644 --- a/ncp-web/ncp.js +++ b/ncp-web/ncp.js @@ -344,7 +344,7 @@ $(function() { var ret = $.parseJSON( result ); if ( ret.token ) - $('#csrf-token').set( { value: ret.token } ); + $('#csrf-token-dash').set( { value: ret.token } ); $('#loading-info-gif').hide(); $('#dashboard-table').ht( ret.table ); $('#dashboard-suggestions').ht( ret.suggestions ); |