github/myvesta
1
0
Fork 0
mirror of https://github.com/myvesta/vesta synced 2025-08-14 02:28:05 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions

Add the validation of the CSRF token. It is missing in some cases when it is sent by GET or POST.

Browse source
This commit is contained in:
Sergio 2019-04-21 00:11:36 +02:00
commit 7603cdea7a
9 changed files with 49 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

2
web/templates/admin/list_services.html
View file

@ -54,7 +54,7 @@
<div class="l-unit-toolbar__col l-unit-toolbar__col--right noselect">
<div class="actions-panel clearfix">
<div class="actions-panel__col actions-panel__configure shortcut-enter" key-action="href"><a href="/edit/server/"><?=__('configure')?> <i></i></a><span class="shortcut enter">&nbsp;&#8629;</span></div>
<div class="actions-panel__col actions-panel__restart shortcut-r" key-action="href"><a href="/restart/system/?hostname=<?php echo $sys['sysinfo']['HOSTNAME'] ?>"><?=__('restart')?> <i></i></a><span class="shortcut">&nbsp;R</span></div>
<div class="actions-panel__col actions-panel__restart shortcut-r" key-action="href"><a href="/restart/system/?hostname=<?php echo $sys['sysinfo']['HOSTNAME'] ?>&token=<?=$_SESSION['token']?>"><?=__('restart')?> <i></i></a><span class="shortcut">&nbsp;R</span></div>
</div>
<!-- /.actions-panel -->
</div>