Create only one CSRF token per session

Before, the CSRF token expired every hour. We had a script in place
which should refresh the token but this don't worked in every case.
(Laptop sleeping etc.)

With this commit, the token will only get once created for every
session so that the "Token expired" warning shouldn't appear.

1 files changed, 7 insertions, 1 deletions

diff --git a/core/templates/layout.user.php b/core/templates/layout.user.php
index d876fbc98e8..451a4685e82 100644
--- a/core/templates/layout.user.php
+++ b/core/templates/layout.user.php
@@ -12,7 +12,6 @@
 			var oc_appswebroots = <?php echo $_['apps_paths'] ?>;
 			var oc_current_user = '<?php echo OC_User::getUser() ?>';
 			var oc_requesttoken = '<?php echo $_['requesttoken']; ?>';
-			var oc_requestlifespan = '<?php echo $_['requestlifespan']; ?>';
 			var datepickerFormatDate = <?php echo json_encode($l->l('jsdate', 'jsdate')) ?>;
 			var dayNames = <?php echo json_encode(array((string)$l->t('Sunday'), (string)$l->t('Monday'), (string)$l->t('Tuesday'), (string)$l->t('Wednesday'), (string)$l->t('Thursday'), (string)$l->t('Friday'), (string)$l->t('Saturday'))) ?>;
 			var monthNames = <?php echo json_encode(array((string)$l->t('January'), (string)$l->t('February'), (string)$l->t('March'), (string)$l->t('April'), (string)$l->t('May'), (string)$l->t('June'), (string)$l->t('July'), (string)$l->t('August'), (string)$l->t('September'), (string)$l->t('October'), (string)$l->t('November'), (string)$l->t('December'))) ?>;
@@ -21,6 +20,13 @@
 		<?php foreach($_['jsfiles'] as $jsfile): ?>
 			<script type="text/javascript" src="<?php echo $jsfile; ?>"></script>
 		<?php endforeach; ?>
+		<script type="text/javascript">
+			requesttoken = '<?php echo $_['requesttoken']; ?>';
+			OC.EventSource.requesttoken=requesttoken;
+			$(document).bind('ajaxSend', function(elm, xhr, s) {
+				xhr.setRequestHeader('requesttoken', requesttoken);
+			});
+		</script>
 		<?php foreach($_['headers'] as $header): ?>
 			<?php
 				echo '<'.$header['tag'].' ';