remove xsrf check

author: Nicolas Lœuillet <nicolas.loeuillet@gmail.com> 2013-08-05 12:53:56 +0200
committer: Nicolas Lœuillet <nicolas.loeuillet@gmail.com> 2013-08-05 12:53:56 +0200
commit: b161295d0b53a5ae194e236b0a7c662e9ac2ff9a (patch)
tree: 3937d3f2b1061cfc0b2ae19606ee59de59861166
parent: 4d0e2544917c8a7fba9eb6d3dccd5fd3790984a6 (diff)
download: wallabag-b161295d0b53a5ae194e236b0a7c662e9ac2ff9a.tar.gz
wallabag-b161295d0b53a5ae194e236b0a7c662e9ac2ff9a.tar.zst
wallabag-b161295d0b53a5ae194e236b0a7c662e9ac2ff9a.zip
1 files changed, 6 insertions, 6 deletions
diff --git a/index.php b/index.php
index 654403c8..19774bb6 100644
--- a/index.php
+++ b/index.php
@@ -11,12 +11,12 @@
 include dirname(__FILE__).'/inc/poche/config.inc.php';
 #XSRF protection with token
-if (!empty($_POST)) {
+// if (!empty($_POST)) {
-    if (!Session::isToken($_POST['token'])) {
+//     if (!Session::isToken($_POST['token'])) {
-        die(_('Wrong token'));
+//         die(_('Wrong token'));
-    }
+//     }
-    unset($_SESSION['tokens']);
+//     unset($_SESSION['tokens']);
-}
+// }
 $referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
 $view = Tools::checkVar('view', 'home');
author	Nicolas Lœuillet <nicolas.loeuillet@gmail.com>	2013-08-05 12:53:56 +0200
committer	Nicolas Lœuillet <nicolas.loeuillet@gmail.com>	2013-08-05 12:53:56 +0200
commit	b161295d0b53a5ae194e236b0a7c662e9ac2ff9a (patch)
tree	3937d3f2b1061cfc0b2ae19606ee59de59861166
parent	4d0e2544917c8a7fba9eb6d3dccd5fd3790984a6 (diff)
download	wallabag-b161295d0b53a5ae194e236b0a7c662e9ac2ff9a.tar.gz wallabag-b161295d0b53a5ae194e236b0a7c662e9ac2ff9a.tar.zst wallabag-b161295d0b53a5ae194e236b0a7c662e9ac2ff9a.zip

diff --git a/index.php b/index.php index 654403c8..19774bb6 100644 --- a/index.php +++ b/index.php
@@ -11,12 +11,12 @@
11	include dirname(__FILE__).'/inc/poche/config.inc.php';	11	include dirname(__FILE__).'/inc/poche/config.inc.php';
12		12
13	#XSRF protection with token	13	#XSRF protection with token
14	if (!empty($_POST)) {	14	// if (!empty($_POST)) {
15	if (!Session::isToken($_POST['token'])) {	15	// if (!Session::isToken($_POST['token'])) {
16	die(_('Wrong token'));	16	// die(_('Wrong token'));
17	}	17	// }
18	unset($_SESSION['tokens']);	18	// unset($_SESSION['tokens']);
19	}	19	// }
20		20
21	$referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];	21	$referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
22	$view = Tools::checkVar('view', 'home');	22	$view = Tools::checkVar('view', 'home');