summaryrefslogtreecommitdiffhomepage
path: root/modules/admin-full/luasrc
diff options
context:
space:
mode:
authorSteven Barth <steven@midlink.org>2008-12-15 10:40:45 +0000
committerSteven Barth <steven@midlink.org>2008-12-15 10:40:45 +0000
commit1ee5ba632ab52b5d3af5c88803fee89c8eaf6fe1 (patch)
treec71bbbb5247bb5f2a48f1f5e78d90dfe71d424b3 /modules/admin-full/luasrc
parent73109f3e46bc112faa9ebac16417b423d8661645 (diff)
Refined urltokens and XSRF protection
Diffstat (limited to 'modules/admin-full/luasrc')
-rw-r--r--modules/admin-full/luasrc/controller/admin/index.lua3
1 files changed, 2 insertions, 1 deletions
diff --git a/modules/admin-full/luasrc/controller/admin/index.lua b/modules/admin-full/luasrc/controller/admin/index.lua
index c0322d3a2..e2b812e8c 100644
--- a/modules/admin-full/luasrc/controller/admin/index.lua
+++ b/modules/admin-full/luasrc/controller/admin/index.lua
@@ -53,8 +53,9 @@ function action_logout()
local sauth = require "luci.sauth"
if dsp.context.authsession then
sauth.kill(dsp.context.authsession)
+ dsp.context.urltoken.stok = nil
end
- luci.http.header("Set-Cookie", "sysauth=; path=/")
+ luci.http.header("Set-Cookie", "sysauth=; path=" .. dsp.build_url())
luci.http.redirect(luci.dispatcher.build_url())
end \ No newline at end of file