diff options
| author | Lukas Reschke <lukas@statuscode.ch> | 2012-07-20 20:12:36 +0200 |
|---|---|---|
| committer | Lukas Reschke <lukas@statuscode.ch> | 2012-07-20 20:12:36 +0200 |
| commit | 38271ded753bc9ea9943cef3c2706f8d71f3a58f (patch) | |
| tree | 4a2bb2cd3ffe196721c448ef891d692171a925df /apps/gallery/ajax/sharing.php | |
| parent | e52ab59b404d6d35ed8619da35b1f70404359212 (diff) | |
| download | nextcloud-server-38271ded753bc9ea9943cef3c2706f8d71f3a58f.tar.gz nextcloud-server-38271ded753bc9ea9943cef3c2706f8d71f3a58f.zip | |
Added CSRF checks
Diffstat (limited to 'apps/gallery/ajax/sharing.php')
| -rw-r--r-- | apps/gallery/ajax/sharing.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/apps/gallery/ajax/sharing.php b/apps/gallery/ajax/sharing.php index 1223320120b..c3d5989ae57 100644 --- a/apps/gallery/ajax/sharing.php +++ b/apps/gallery/ajax/sharing.php @@ -22,6 +22,7 @@ */ +OCP\JSON::callCheck(); if (!isset($_GET['token']) || !isset($_GET['operation'])) { OCP\JSON::error(array('cause' => 'Not enought arguments')); |