summaryrefslogtreecommitdiffhomepage
path: root/applications/luci-app-p910nd/po/no
diff options
context:
space:
mode:
authorJo-Philipp Wich <jo@mein.io>2018-04-05 00:15:22 +0200
committerJo-Philipp Wich <jo@mein.io>2018-04-05 00:15:22 +0200
commit186e690c08a8766aecf9a0ffc60b4475e366d723 (patch)
tree320b100a84d90c2fca0ed970d3bb20864f1eab36 /applications/luci-app-p910nd/po/no
parent697db81246bf9e3256c7217a00ee4e7757c87077 (diff)
luci-base: dispatcher: reject non-POST requests with any cbi.submit value
Due to the fact that luci.model.cbi reacts on any "cbi.submit" value while the dispatcher only required POST for cbi.submit == 1, the CSRF token protection could be bypassed. Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Diffstat (limited to 'applications/luci-app-p910nd/po/no')
0 files changed, 0 insertions, 0 deletions