From 73b914ddbc4389a25e45e28b5fe23592d0b09a94 Mon Sep 17 00:00:00 2001
From: Lukas Reschke
Date: Sun, 4 May 2014 13:56:21 +0200
Subject: [PATCH] Add CSRF check on login and logout

This is a minor issue and not worth a backport in my opinion as it could break more things than it's worth having it.
---
 core/templates/login.php | 3 +++
 lib/base.php | 2 ++
 lib/private/user.php | 2 +-
 3 files changed, 6 insertions(+), 1 deletion(-)

diff --git a/core/templates/login.php b/core/templates/login.php
index 65f760c1ee..a7e93a499b 100644
--- a/core/templates/login.php
+++ b/core/templates/login.php
@@ -1,3 +1,5 @@
+
+
@@ -51,6 +53,7 @@
+
diff --git a/lib/base.php b/lib/base.php
index 1f7d0c0da6..3ef9ce4beb 100644
--- a/lib/base.php
+++ b/lib/base.php
@@ -773,6 +773,7 @@ class OC {
 OC_App::loadApps();
 OC_User::setupBackends();
 if (isset($_GET["logout"]) and ($_GET["logout"])) {
+ OC_JSON::callCheck();
 if (isset($_COOKIE['oc_token'])) {
 OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
 }
@@ -939,6 +940,7 @@ class OC {
 return false;
 }
+ OC_JSON::callCheck();
 OC_App::loadApps();
 //setup extra user backends
diff --git a/lib/private/user.php b/lib/private/user.php
index 7106d664ac..21711cbf08 100644
--- a/lib/private/user.php
+++ b/lib/private/user.php
@@ -354,7 +354,7 @@ class OC_User {
 return $backend->getLogoutAttribute();
 }
- return 'href="' . link_to('', 'index.php') . '?logout=true"';
+ return 'href="' . link_to('', 'index.php') . '?logout=true&requesttoken=' . OC_Util::callRegister() . '"';
 }
 /**
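Review bot: The added `OC_JSON::callCheck()` in the `$_GET["logout"]` branch guards a plain browser navigation, so a stale or missing token does not merely refuse the logout — the session stays alive and, judging by the helper's name, the user gets a JSON error body instead of a page. A logout that silently fails is a worse outcome than a forced logout, so on mismatch I would render a logout confirmation page (or redirect back with an error) rather than emit JSON. If a non-exiting variant along the lines of `OC_Util::isCallRegistered()` exists, `if (!OC_Util::isCallRegistered()) { /* show confirm page instead of logging out */ }` is the shape I would expect here. The enclosing method starts before and ends after this hunk.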
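Review bot: The `OC_JSON::callCheck()` inserted before `OC_App::loadApps()` sits on what appears to be the HTML login-form path, so a token mismatch (expired session, first request without a session cookie, a second tab) answers a form POST with a JSON error rather than the login page with a message. Please confirm this is the intended behaviour and that the `login.php` template hunks above really add the hidden `requesttoken` input, since their content is not visible in this patch. A check that does not exit, followed by redisplaying the login form with an error, would be friendlier than the JSON helper. The enclosing function begins before this hunk and continues past it.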
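Review bot: The new logout href puts the CSRF token in the query string, where it lands in server and proxy access logs and browser history; since the same token presumably protects every other state-changing request in the session, that is more exposure than a logout link should create. At minimum the bare `&` should be `&amp;` inside the attribute and the token URL-encoded: `'?logout=true&amp;requesttoken=' . urlencode(OC_Util::callRegister()) . '"'`. The cleaner fix is to make logout a POST (small form or JS submit) so the token travels in the request body. The method containing this return starts before the hunk.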