From ab9c10b05c63fc5efdf46d7fc07f6105f43f8104 Mon Sep 17 00:00:00 2001
From: myvesta <38690722+myvesta@users.noreply.github.com>
Date: Wed, 1 Sep 2021 00:24:43 +0200
Subject: [PATCH] Update secure_login.php

---
 web/inc/secure_login.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/web/inc/secure_login.php b/web/inc/secure_login.php
index 0fb030fc4..b9e2115c6 100644
--- a/web/inc/secure_login.php
+++ b/web/inc/secure_login.php
@@ -85,6 +85,7 @@ function prevent_get_csrf () {
     if ($_SERVER['REQUEST_METHOD'] == "GET") {
         if (isset($_GET[$login_url])) return;
         if ($_SERVER['REQUEST_URI']=="" || $_SERVER['REQUEST_URI']=="/" || $_SERVER['REQUEST_URI']=="/login/" || $_SERVER['REQUEST_URI']=="/list/user/" || $_SERVER['REQUEST_URI']=="/list/web/") return;
+        if ($_SERVER['DOCUMENT_URI']=="/reset/index.php") return;
     }
     if (isset($_SERVER['HTTP_HOST']) == false) return;
     if (isset($_SERVER['SERVER_PORT']) == false) return;