github/qBittorrent
1
0
Fork 0
mirror of https://github.com/qbittorrent/qBittorrent synced 2025-07-07 05:31:25 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 9

Add option to control CSRF protection

Browse source 
Some users are using WebUI with simple port-forwarding from their router,
providing an option to control the protection will save them from setting up an
non-trival web proxy.
Closes #7274.
This commit is contained in:
Chocobo1 2018-05-22 00:43:33 +08:00
parent bad4d94f77
commit 9eeef0be97
No known key found for this signature in database
GPG key ID: 210D9C873253A68C
8 changed files with 37 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

3
src/webui/api/appcontroller.cpp
View file

@ -207,6 +207,7 @@ void AppController::preferencesAction()
data["bypass_auth_subnet_whitelist"] = authSubnetWhitelistStringList.join("\n");
// Security
data["web_ui_clickjacking_protection_enabled"] = pref->isWebUiClickjackingProtectionEnabled();
data["web_ui_csrf_protection_enabled"] = pref->isWebUiCSRFProtectionEnabled();
// Update my dynamic domain name
data["dyndns_enabled"] = pref->isDynDNSEnabled();
data["dyndns_service"] = pref->getDynDNSService();
@ -484,6 +485,8 @@ void AppController::setPreferencesAction()
// Security
if (m.contains("web_ui_clickjacking_protection_enabled"))
pref->setWebUiClickjackingProtectionEnabled(m["web_ui_clickjacking_protection_enabled"].toBool());
if (m.contains("web_ui_csrf_protection_enabled"))
pref->setWebUiCSRFProtectionEnabled(m["web_ui_csrf_protection_enabled"].toBool());
// Update my dynamic domain name
if (m.contains("dyndns_enabled"))
pref->setDynDNSEnabled(m["dyndns_enabled"].toBool());