diff --git a/apps/user_webdavauth/settings.php b/apps/user_webdavauth/settings.php index 41d7fa51cd..7eabb0d48c 100755 --- a/apps/user_webdavauth/settings.php +++ b/apps/user_webdavauth/settings.php @@ -24,7 +24,9 @@ OC_Util::checkAdminUser(); if($_POST) { - + // CSRF check + OCP\JSON::callCheck(); + if(isset($_POST['webdav_url'])) { OC_CONFIG::setValue('user_webdavauth_url', strip_tags($_POST['webdav_url'])); } diff --git a/apps/user_webdavauth/templates/settings.php b/apps/user_webdavauth/templates/settings.php index 880b77ac95..45f4d81aec 100755 --- a/apps/user_webdavauth/templates/settings.php +++ b/apps/user_webdavauth/templates/settings.php @@ -2,6 +2,7 @@