flashii/misuzu
flashii/misuzu
1
1
Fork 0
Code Issues Pull requests Releases 160 Wiki Activity Actions

Fixed possible NULL in CSRF check.

Browse source
This commit is contained in:
flash 2023-07-12 19:14:40 +00:00
parent 29165de457
commit 9b65ce005a
1 changed files with 2 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/CSRF.php
View file

@ -19,9 +19,9 @@ final class CSRF {
} }
public static function validateRequest(int $tolerance = -1): bool { public static function validateRequest(int $tolerance = -1): bool {
$token = filter_input(INPUT_POST, '_csrf'); $token = (string)filter_input(INPUT_POST, '_csrf');
if(empty($token)) if(empty($token))
$token = filter_input(INPUT_GET, 'csrf'); $token = (string)filter_input(INPUT_GET, 'csrf');
return self::$instance->verifyToken($token, $tolerance); return self::$instance->verifyToken($token, $tolerance);
} }