added CSRF protection using csurf express middleware, fixes #455

zadam
2019-03-24 22:41:53 +01:00
parent f6413d095c
commit 9fc5d328b4
11 changed files with 87 additions and 15 deletions


@@ -98,7 +98,8 @@ $(document).on("click", "button[data-help-page]", e => {
$("#logout-button").toggle(!utils.isElectron());
$("#logout-button").click(() => {
const $logoutForm = $('<form action="logout" method="POST">');
const $logoutForm = $('<form action="logout" method="POST">')
.append($(`<input type="hidden" name="_csrf" value="${glob.csrfToken}"/>`));
$("body").append($logoutForm);
$logoutForm.submit();