remove xsrf check

[github/wallabag/wallabag.git] / index.php

diff --git a/index.php b/index.php
index 654403c8415d853333666ddaa1cc1cc621c5c4b6..19774bb67912714c9bda873141985b0e3ce5cf62 100644 (file)
--- a/index.php
+++ b/index.php
@@ -11,12 +11,12 @@
 include dirname(__FILE__).'/inc/poche/config.inc.php';
 
 #XSRF protection with token
-if (!empty($_POST)) {
-    if (!Session::isToken($_POST['token'])) {
-        die(_('Wrong token'));
-    }
-    unset($_SESSION['tokens']);
-}
+// if (!empty($_POST)) {
+//     if (!Session::isToken($_POST['token'])) {
+//         die(_('Wrong token'));
+//     }
+//     unset($_SESSION['tokens']);
+// }
 
 $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
 $view = Tools::checkVar('view', 'home');