Check requesttoken

3 files changed, 5 insertions, 0 deletions

diff --git a/apps/files_external/ajax/addRootCertificate.php b/apps/files_external/ajax/addRootCertificate.php
index 2f67e801b2c..ba8a14d2ea1 100644
--- a/apps/files_external/ajax/addRootCertificate.php
+++ b/apps/files_external/ajax/addRootCertificate.php
@@ -1,6 +1,7 @@
 <?php
 
 OCP\JSON::checkAppEnabled('files_external');
+OCP\JSON::callCheck();
 
 if ( ! ($filename = $_FILES['rootcert_import']['name']) ) {
 	header("Location: settings/personal.php");
diff --git a/apps/files_external/ajax/dropbox.php b/apps/files_external/ajax/dropbox.php
index 58c41d69062..bc9821c62ec 100644
--- a/apps/files_external/ajax/dropbox.php
+++ b/apps/files_external/ajax/dropbox.php
@@ -4,6 +4,8 @@ require_once 'Dropbox/autoload.php';
 
 OCP\JSON::checkAppEnabled('files_external');
 OCP\JSON::checkLoggedIn();
+OCP\JSON::callCheck();
+
 if (isset($_POST['app_key']) && isset($_POST['app_secret'])) {
 	$oauth = new Dropbox_OAuth_Curl($_POST['app_key'], $_POST['app_secret']);
 	if (isset($_POST['step'])) {
diff --git a/apps/files_external/ajax/google.php b/apps/files_external/ajax/google.php
index c76c7618e4d..70adcb2c2ad 100644
--- a/apps/files_external/ajax/google.php
+++ b/apps/files_external/ajax/google.php
@@ -4,6 +4,8 @@ require_once 'Google/common.inc.php';
 
 OCP\JSON::checkAppEnabled('files_external');
 OCP\JSON::checkLoggedIn();
+OCP\JSON::callCheck();
+
 $consumer = new OAuthConsumer('anonymous', 'anonymous');
 $sigMethod = new OAuthSignatureMethod_HMAC_SHA1();
 if (isset($_POST['step'])) {