diff options
| author | Jo-Philipp Wich <jow@openwrt.org> | 2015-10-21 00:00:55 +0200 |
|---|---|---|
| committer | Jo-Philipp Wich <jow@openwrt.org> | 2015-10-21 00:00:55 +0200 |
| commit | 0f1f5140e36eff6d22de038f09f1d16b03e300e8 (patch) | |
| tree | 8a86db0756767210265490d644e39ef2a1ef9a29 /applications/luci-app-ocserv/luasrc/view | |
| parent | b9ed03c5a9a52c17b30f3fb61b81ce1c2ee0ea6e (diff) | |
luci-app-ocserv: protect disconnect action with csrf token
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Diffstat (limited to 'applications/luci-app-ocserv/luasrc/view')
| -rw-r--r-- | applications/luci-app-ocserv/luasrc/view/ocserv_status.htm | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/applications/luci-app-ocserv/luasrc/view/ocserv_status.htm b/applications/luci-app-ocserv/luasrc/view/ocserv_status.htm index 138b03915..03a9ed70e 100644 --- a/applications/luci-app-ocserv/luasrc/view/ocserv_status.htm +++ b/applications/luci-app-ocserv/luasrc/view/ocserv_status.htm @@ -1,7 +1,7 @@ <script type="text/javascript">//<![CDATA[ function ocserv_disconnect(idx) { - XHR.get('<%=url('admin/services/ocserv/disconnect')%>/' + idx, null, + (new XHR()).post('<%=url('admin/services/ocserv/disconnect')%>/' + idx, { token: '<%=token%>' }, function(x) { var tb = document.getElementById('ocserv_status_table'); |