composer/iTop
6
0
Fork 0
mirror of https://github.com/Combodo/iTop.git synced 2026-05-02 15:08:45 +02:00
Code Issues Packages Projects Releases Wiki Activity

🔒 N°1795 prevent CSRF on dashboard import

Browse Source
This commit is contained in:
Pierre Goiffon
2018-11-26 15:17:53 +01:00
parent d5568afc68
commit 0f20f9ca5d
3 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
js/dashboard.js
View File

@@ -366,6 +366,7 @@ $(function()
{
dashboard_id: '',
file_id: '',
transaction: '',
text: 'Select a dashboard file to import',
title: 'Dahsboard Import',
close_btn: 'Close',
@@ -383,7 +384,7 @@ $(function()
//me.onClose();
};
$('#'+this.options.file_id).fileupload({
url: me.options.submit_to+'&id='+me.options.dashboard_id,
url: me.options.submit_to+'&id='+me.options.dashboard_id+'&transaction_id='+me.options.transaction,
dataType: 'json',
pasteZone: null, // Don't accept files via Chrome's copy/paste
done: function (e, data) {