mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Merge pull request #14753 from owncloud/verify-csrf-token-earlier 

Verify CSRF token already in update.php and not the EventSource code
This commit is contained in:
Thomas Müller 2015-03-09 23:06:15 +01:00
parent 94b7fa17c5 c0a02f1615
commit 2f61884956
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
core/ajax/update.php
View File

@ -2,6 +2,8 @@
set_time_limit(0);
require_once '../../lib/base.php';
\OCP\JSON::callCheck();
if (OC::checkUpgrade(false)) {
// if a user is currently logged in, their session must be ignored to
// avoid side effects