aboutsummaryrefslogtreecommitdiffstats
path: root/core/Controller/CSRFTokenController.php
diff options
context:
space:
mode:
Diffstat (limited to 'core/Controller/CSRFTokenController.php')
-rw-r--r--core/Controller/CSRFTokenController.php8
1 files changed, 4 insertions, 4 deletions
diff --git a/core/Controller/CSRFTokenController.php b/core/Controller/CSRFTokenController.php
index c4e7b81279f..c3d1a7f842b 100644
--- a/core/Controller/CSRFTokenController.php
+++ b/core/Controller/CSRFTokenController.php
@@ -12,6 +12,8 @@ use OC\Security\CSRF\CsrfTokenManager;
use OCP\AppFramework\Controller;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\Attribute\FrontpageRoute;
+use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
+use OCP\AppFramework\Http\Attribute\PublicPage;
use OCP\AppFramework\Http\JSONResponse;
use OCP\IRequest;
@@ -27,15 +29,13 @@ class CSRFTokenController extends Controller {
/**
* Returns a new CSRF token.
*
- * @NoAdminRequired
- * @NoCSRFRequired
- * @PublicPage
- *
* @return JSONResponse<Http::STATUS_OK, array{token: string}, array{}>|JSONResponse<Http::STATUS_FORBIDDEN, array<empty>, array{}>
*
* 200: CSRF token returned
* 403: Strict cookie check failed
*/
+ #[PublicPage]
+ #[NoCSRFRequired]
#[FrontpageRoute(verb: 'GET', url: '/csrftoken')]
public function index(): JSONResponse {
if (!$this->request->passesStrictCookieCheck()) {
generated by cgit v1.2.3 (git 2.39.1) at 2025-01-20 21:13:09 +0000