evaluationsportal

Project ID: 4304
  • Forked from FSI Informatik / evaluationsportal
    Source project has a limited visibility.
    Lukas Braun authored
    For some protection against CSRF attacks, check if the Origin header is
    the weburl we are listening on before handling POSTs to
    moderation/{edit,accept}/<doc>.
    If the request does not contain an Origin header (which should never be
    the case for POST requests in modern browsers), a warning is printed and
    the request is handled anyway.
    
    It is probably a good idea to implement some CSRF token mechanism to
    authenticate requests as well; I'm not sure how robust this Origin
    checking stuff really is.
    1d65c1bc