Add missing CSRF check.
This commit is contained in:
parent
5d79444852
commit
dac2c14ae9
|
@ -23,6 +23,7 @@
|
|||
// Check if we are a user
|
||||
OCP\JSON::checkLoggedIn();
|
||||
OCP\JSON::checkAppEnabled('contacts');
|
||||
OCP\JSON::callCheck();
|
||||
require_once('loghandler.php');
|
||||
|
||||
$view = OCP\Files::getStorage('contacts');
|
||||
|
|
|
@ -1465,7 +1465,7 @@ Contacts={
|
|||
}
|
||||
}
|
||||
};
|
||||
xhr.open('POST', OC.filePath('contacts', 'ajax', 'uploadimport.php') + '?file='+encodeURIComponent(file.name), true);
|
||||
xhr.open('POST', OC.filePath('contacts', 'ajax', 'uploadimport.php') + '?file='+encodeURIComponent(file.name)+'&requesttoken='+requesttoken, true);
|
||||
xhr.setRequestHeader('Cache-Control', 'no-cache');
|
||||
xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
|
||||
xhr.setRequestHeader('X_FILE_NAME', encodeURIComponent(file.name));
|
||||
|
|
Loading…
Reference in New Issue