Changeset 347 for trunk/client/inc/csrf-magic
- Timestamp:
- May 14, 2021, 2:00:23 PM (3 years ago)
- File:
-
- 1 edited
Legend:
- Unmodified
- Added
- Removed
-
trunk/client/inc/csrf-magic/csrf-magic.php
r253 r347 157 157 $buffer = preg_replace('#(<form[^>]*method\s*=\s*["\']post["\'][^>]*>)#i', '$1' . $input, $buffer); 158 158 if ($GLOBALS['csrf']['frame-breaker']) { 159 $buffer = str_ireplace('</head>', '<script type="text/javascript">if (top != self) {top.location.href = self.location.href;}</script></head>', $buffer);159 $buffer = str_ireplace('</head>', '<script>if (top != self) {top.location.href = self.location.href;}</script></head>', $buffer); 160 160 } 161 161 if ($js = $GLOBALS['csrf']['rewrite-js']) { 162 162 $buffer = str_ireplace( 163 163 '</head>', 164 '<script type="text/javascript">'.164 '<script">'. 165 165 'var csrfMagicToken = "'.$tokens.'";'. 166 166 'var csrfMagicName = "'.$name.'";</script>'. … … 168 168 $buffer 169 169 ); 170 $script = '<script type="text/javascript">CsrfMagic.end();</script>';170 $script = '<script>CsrfMagic.end();</script>'; 171 171 $buffer = str_ireplace('</body>', $script . '</body>', $buffer, $count); 172 172 if (!$count) {
Note:
See TracChangeset
for help on using the changeset viewer.