Author: Niklas Keller (kelunik)
Date: 2023-03-28T22:31:10+02:00

Commit: 
https://github.com/php/web-wiki/commit/f1b2fefb1832ff2164f18cdbaea77d18ac654396
Raw diff: 
https://github.com/php/web-wiki/commit/f1b2fefb1832ff2164f18cdbaea77d18ac654396.diff

Fix logout missing csrf token

See 
https://forum.dokuwiki.org/d/20248-security-token-did-not-match-possible-csrf-attack-cannot-log-out/8

Changed paths:
  M  dokuwiki/lib/tpl/phpnet/main.php


Diff:

diff --git a/dokuwiki/lib/tpl/phpnet/main.php b/dokuwiki/lib/tpl/phpnet/main.php
index 611b1254..7fce4e14 100644
--- a/dokuwiki/lib/tpl/phpnet/main.php
+++ b/dokuwiki/lib/tpl/phpnet/main.php
@@ -33,7 +33,7 @@
     $LINKS = array(
         array("href" => "?do=edit",     "text" => "Edit this page",),
         array("href" => "?do=admin",    "text" => "Admin",),
-        array("href" => "?do=logout",   "text" => "Logout",),
+        array("href" => "?do=logout&sectok=" . urlencode(getSecurityToken()), "text" => "Logout",),
         array("href" => "?do=profile",  "text" => $name,),
     );
 }
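Review bot: The new logout href on the added line contains a raw `&`, so it is only correct if the code that prints `$LINKS` HTML-escapes each href; that loop is outside this hunk, as is the start of the enclosing block. `&sectok` begins with the legacy entity name `&sect`, so a consumer that decodes entities without the attribute-value exception would see `§ok=` and the token check would fail again. If the hrefs are echoed unescaped, pass them through `hsc()` at the point of output rather than writing `&amp;` into this array, which would double-encode if escaping is added later. A short comment above the entry would also help, e.g. `// logout changes session state, so DokuWiki requires the session's sectok on the request`.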
