AS1024/itflow
1
0
Fork 0
mirror of https://github.com/itflow-org/itflow synced 2026-03-03 20:34:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add CSRF Token validation for API key create/delete

Browse Source
This commit is contained in:
Marcus Hill
2022-05-07 16:56:55 +01:00
parent 53ae901f15
commit b2c0994577
3 changed files with 10 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
settings-api.php
View File

@@ -81,7 +81,7 @@
<i class="fas fa-ellipsis-h"></i>
</button>
<div class="dropdown-menu">
<a class="dropdown-item text-danger" href="post.php?delete_api_key=<?php echo $api_key_id; ?>">Revoke</a>
<a class="dropdown-item text-danger" href="post.php?delete_api_key=<?php echo $api_key_id; ?>&csrf_token=<?php echo $_SESSION['csrf_token'] ?>">Revoke</a>
</div>
</div>
</td>