diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2014-05-04 15:56:21 +0400 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2014-05-04 15:56:21 +0400 |
| commit | 73b914ddbc4389a25e45e28b5fe23592d0b09a94 (patch) | |
| tree | 8689f85bcdf6072bdbcc3207d995a2ea1baf3c36 /lib/private/user.php | |
| parent | 9385b97b5f38ebf2ed85e740fe3c52f1e6117d49 (diff) | |
Add CSRF check on login and logout
This is a minor issue and not worth a backport in my opinion as it could break more things than it's worth having it.
Diffstat (limited to 'lib/private/user.php')
| -rw-r--r-- | lib/private/user.php | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/private/user.php b/lib/private/user.php index 7106d664aca..21711cbf087 100644 --- a/lib/private/user.php +++ b/lib/private/user.php @@ -354,7 +354,7 @@ class OC_User { return $backend->getLogoutAttribute(); } - return 'href="' . link_to('', 'index.php') . '?logout=true"'; + return 'href="' . link_to('', 'index.php') . '?logout=true&requesttoken=' . OC_Util::callRegister() . '"'; } /** |