StarMC/Astral-nook
StarMC/Astral-nook
Archived
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Add consistent CSRF token verification to API endpoints; address security concern with non-CSRF protected endpoints

Browse source
This commit is contained in:
Dane Everitt 2021-11-16 20:02:18 -08:00
parent cc31a0a6d0
commit bf9cbe2c6d
No known key found for this signature in database
GPG key ID: EEA66103B3D71F53
7 changed files with 59 additions and 14 deletions
Download patch file Download diff file Expand all files Collapse all files

4
resources/views/admin/settings/mail.blade.php
View file

@ -145,9 +145,9 @@
showLoaderOnConfirm: true
}, function () {
$.ajax({
method: 'GET',
method: 'POST',
url: '/admin/settings/mail/test',
headers: { 'X-CSRF-Token': $('input[name="_token"]').val() }
headers: { 'X-CSRF-TOKEN': $('input[name="_token"]').val() }
}).fail(function (jqXHR) {
showErrorDialog(jqXHR, 'test');
}).done(function () {