Add callCheck to testremote.php

Without CSRF check this file might be tricked into requesting itself which would result in an endless loop and thus potentially ending in a Denial of Service.

diff --git a/apps/files_sharing/ajax/testremote.php b/apps/files_sharing/ajax/testremote.php
index 08149bf7ecc6f86043bd493b51dd968aa53f651e..14992787012dfeabe3c6dcd3ad0444699b4dec7c 100644 (file)
--- a/apps/files_sharing/ajax/testremote.php
+++ b/apps/files_sharing/ajax/testremote.php
@@ -6,6 +6,7 @@
  * See the COPYING-README file.
  */
 
+OCP\JSON::callCheck();
 OCP\JSON::checkAppEnabled('files_sharing');
 
 $remote = $_GET['remote'];