From c1278f967e90352506900d243888cd3ac9caee9f Mon Sep 17 00:00:00 2001
From: Jo-Philipp Wich <jow@openwrt.org>
Date: Wed, 21 Oct 2015 00:09:55 +0200
Subject: luci-app-splash: protect admin status call with csrf token

Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
---
 applications/luci-app-splash/luasrc/controller/splash/splash.lua | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'applications/luci-app-splash/luasrc/controller')

diff --git a/applications/luci-app-splash/luasrc/controller/splash/splash.lua b/applications/luci-app-splash/luasrc/controller/splash/splash.lua
index 4add43559f..13b8edce6d 100644
--- a/applications/luci-app-splash/luasrc/controller/splash/splash.lua
+++ b/applications/luci-app-splash/luasrc/controller/splash/splash.lua
@@ -16,7 +16,7 @@ function index()
 	node("splash", "splash").target   = template("splash_splash/splash")
 	node("splash", "blocked").target  = template("splash/blocked")
 
-	entry({"admin", "status", "splash"}, call("action_status_admin"), _("Client-Splash"))
+	entry({"admin", "status", "splash"}, post("action_status_admin"), _("Client-Splash"))
 
 	local page  = node("splash", "publicstatus")
 	page.target = call("action_status_public")
-- 
cgit v1.2.3