From b1010160b363223c1e1c1cc7137dfb8e9aa3ab5b Mon Sep 17 00:00:00 2001
From: Robin Appelman <icewind@owncloud.com>
Date: Sun, 22 Jul 2012 16:36:09 +0200
Subject: CSRF protection for eventsource

---
 apps/files/ajax/newfile.php | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'apps/files/ajax')

diff --git a/apps/files/ajax/newfile.php b/apps/files/ajax/newfile.php
index de054d9ce0c..cc9208ad08f 100644
--- a/apps/files/ajax/newfile.php
+++ b/apps/files/ajax/newfile.php
@@ -17,6 +17,8 @@ $source = isset( $_REQUEST['source'] ) ? stripslashes($_REQUEST['source']) : '';
 
 if($source){
 	$eventSource=new OC_EventSource();
+}else{
+	OC_JSON::callCheck();
 }
 
 if($filename == '') {
-- 
cgit v1.2.3