add csrf checks to frames view

This commit is contained in:
Isaac Connor 2020-09-02 18:11:53 -04:00
parent 18671b7c19
commit 70b73048cc
1 changed files with 4 additions and 4 deletions

View File

@ -222,11 +222,11 @@ ZM\Logger::Debug("View: $view Request: $request Action: $action User: " . ( isse
if (
ZM_ENABLE_CSRF_MAGIC &&
( $action != 'login' ) &&
( $view != 'view_video' ) &&
( $view != 'image' ) &&
( $view != 'view_video' ) && // only video no html
( $view != 'image' ) && // view=image doesn't return html, just image data.
( $request != 'control' ) &&
( $view != 'frames' ) &&
( $view != 'archive' )
//( $view != 'frames' ) && // big html can overflow ob
( $view != 'archive' ) // returns data
) {
require_once('includes/csrf/csrf-magic.php');
#ZM\Logger::Debug("Calling csrf_check with the following values: \$request = \"$request\", \$view = \"$view\", \$action = \"$action\"");