add two csrf check calls. Review and lot´s of porting needed.

author: Frank Karlitschek <frank@owncloud.org> 2012-06-09 15:05:14 +0200
committer: Frank Karlitschek <frank@owncloud.org> 2012-06-09 15:05:14 +0200
commit: 344299a074e135140262d051531f723be69c786f (patch)
tree: 06788914bb755c45e71cd2d86981f08b2cd70cc8 /lib/public/util.php
parent: 081e1874cb476a16d7fd2d6ed5dabaeca61fffae (diff)
download: nextcloud-server-344299a074e135140262d051531f723be69c786f.tar.gz
nextcloud-server-344299a074e135140262d051531f723be69c786f.zip
1 files changed, 20 insertions, 0 deletions
diff --git a/lib/public/util.php b/lib/public/util.php
index 9b499574da1..995161e2abe 100644
--- a/lib/public/util.php
+++ b/lib/public/util.php
@@ -248,6 +248,26 @@ class Util {
 	}
 
 
+	/**
+ 	 * Register an get/post call. This is important to prevent CSRF attacks
+	 * TODO: write example
+	 */
+	public static function callRegister(){
+		return(\OC_Util::callRegister());
+	}
+
+
+	/**
+	 * Check an ajax get/post call if the request token is valid. exit if not.
+	 * Todo: Write howto
+	 */
+	public static function callCheck(){
+		return(\OC_Util::callCheck());
+	}
+
+
+
+
 }
 
 ?>
author	Frank Karlitschek <frank@owncloud.org>	2012-06-09 15:05:14 +0200
committer	Frank Karlitschek <frank@owncloud.org>	2012-06-09 15:05:14 +0200
commit	344299a074e135140262d051531f723be69c786f (patch)
tree	06788914bb755c45e71cd2d86981f08b2cd70cc8 /lib/public/util.php
parent	081e1874cb476a16d7fd2d6ed5dabaeca61fffae (diff)
download	nextcloud-server-344299a074e135140262d051531f723be69c786f.tar.gz nextcloud-server-344299a074e135140262d051531f723be69c786f.zip