(mvc) fix Phalcon csrf issue after upgrade >= 2.0.1

43955298 · Ad Schellevis · e4cd84cb · 43955298
Commit 43955298 authored Jun 08, 2015 by Ad Schellevis
Show whitespace changes
Inline Side-by-side

Showing with 1 addition and 1 deletion

ApiControllerBase.php ...e/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php +1 -1

No files found.
--- a/src/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php
+++ b/src/opnsense/mvc/app/controllers/OPNsense/Base/ApiControllerBase.php
@@ -97,7 +97,7 @@ class ApiControllerBase extends Controller
        // check for valid csrf on post requests
        $csrf_tokenkey = $this->request->getHeader('X_CSRFTOKENKEY');
        $csrf_token =   $this->request->getHeader('X_CSRFTOKEN');
-        $csrf_valid = $this->security->checkToken($csrf_tokenkey, $csrf_token);
+        $csrf_valid = $this->security->checkToken($csrf_tokenkey, $csrf_token, false);
        if (($this->request->isPost() ||
                $this->request->isPut() ||