diff options
| author | Björn Schießle <schiessle@owncloud.com> | 2012-10-04 13:54:30 +0200 |
|---|---|---|
| committer | Björn Schießle <schiessle@owncloud.com> | 2012-10-05 10:32:38 +0200 |
| commit | f493e97f5dc46b4ec7f73dbfc3bd42537ff0761c (patch) | |
| tree | 3cb3f91dd962aa77d8096b12f15fac549bf2c9a4 | |
| parent | 4fd53eca06e12b053f4760f2b776eab0e0e36ce9 (diff) | |
| download | nextcloud-server-f493e97f5dc46b4ec7f73dbfc3bd42537ff0761c.tar.gz nextcloud-server-f493e97f5dc46b4ec7f73dbfc3bd42537ff0761c.zip | |
always generate access token, also for forms shown to anonymous users (e.g. public shares)
| -rw-r--r-- | core/templates/layout.base.php | 2 | ||||
| -rw-r--r-- | core/templates/layout.guest.php | 2 | ||||
| -rw-r--r-- | lib/template.php | 6 |
3 files changed, 6 insertions, 4 deletions
diff --git a/core/templates/layout.base.php b/core/templates/layout.base.php index c113a4db24e..f78b6ff8bbd 100644 --- a/core/templates/layout.base.php +++ b/core/templates/layout.base.php @@ -10,6 +10,8 @@ <script type="text/javascript"> var oc_webroot = '<?php echo OC::$WEBROOT; ?>'; var oc_appswebroots = <?php echo $_['apps_paths'] ?>; + var oc_requesttoken = '<?php echo $_['requesttoken']; ?>'; + var oc_requestlifespan = '<?php echo $_['requestlifespan']; ?>'; </script> <?php foreach ($_['jsfiles'] as $jsfile): ?> <script type="text/javascript" src="<?php echo $jsfile; ?>"></script> diff --git a/core/templates/layout.guest.php b/core/templates/layout.guest.php index 0d2e71c180f..6f59e18a8e1 100644 --- a/core/templates/layout.guest.php +++ b/core/templates/layout.guest.php @@ -10,6 +10,8 @@ <script type="text/javascript"> var oc_webroot = '<?php echo OC::$WEBROOT; ?>'; var oc_appswebroots = <?php echo $_['apps_paths'] ?>; + var oc_requesttoken = '<?php echo $_['requesttoken']; ?>'; + var oc_requestlifespan = '<?php echo $_['requestlifespan']; ?>'; </script> <?php foreach($_['jsfiles'] as $jsfile): ?> <script type="text/javascript" src="<?php echo $jsfile; ?>"></script> diff --git a/lib/template.php b/lib/template.php index 681b3f0b140..fb81ec62519 100644 --- a/lib/template.php +++ b/lib/template.php @@ -155,10 +155,8 @@ class OC_Template{ $this->renderas = $renderas; $this->application = $app; $this->vars = array(); - if($renderas == 'user') { - $this->vars['requesttoken'] = OC_Util::callRegister(); - $this->vars['requestlifespan'] = OC_Util::$callLifespan; - } + $this->vars['requesttoken'] = OC_Util::callRegister(); + $this->vars['requestlifespan'] = OC_Util::$callLifespan; $parts = explode('/', $app); // fix translation when app is something like core/lostpassword $this->l10n = OC_L10N::get($parts[0]); header('X-Frame-Options: Sameorigin'); |