flashii/misuzu
flashii/misuzu
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

and now actually with a secret key

Browse source
This commit is contained in:
flash 2018-10-02 21:21:52 +02:00
parent c21d1b65ac
commit 298052d1b8
2 changed files with 6 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
misuzu.php
View file

@ -303,7 +303,7 @@ MIG;
}
}
csrf_init('soapsoapsoap', empty($userDisplayInfo) ? ip_remote_address() : $_COOKIE['msz_sid']);
csrf_init($app->getCsrfSecretKey(), empty($userDisplayInfo) ? ip_remote_address() : $_COOKIE['msz_sid']);
$privateInfo = $app->getPrivateInfo();

5
src/Application.php
View file

@ -354,6 +354,11 @@ final class Application
return $this->getPath($this->config['Avatar']['default_path'] ?? 'public/images/no-avatar.png');
}
public function getCsrfSecretKey(): string
{
return $this->config['CSRF']['secret_key'] ?? 'insecure';
}
/**
* Gets the currently active instance of Application
* @return Application