Pi-Hole/web
1
0
Fork 0
mirror of https://github.com/pi-hole/web.git synced 2026-04-23 02:09:58 +01:00
Code Issues Packages Projects Releases Wiki Activity

Require CSRF token for debug log generation

Browse Source
This commit is contained in:
Mcat12
2017-04-02 19:23:03 -04:00
parent d956c35c24
commit 4d9d9dc949
2 changed files with 16 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
scripts/pi-hole/php/debug.php
View File

@@ -5,6 +5,18 @@ ob_implicit_flush(true);
header('Content-Type: text/event-stream');
header('Cache-Control: no-cache');
require "password.php";
require "auth.php";
if(!$auth) {
die("Unauthorized");
}
check_cors();
$token = isset($_GET["token"]) ? $_GET["token"] : "";
check_csrf($token);
function echoEvent($datatext) {
if(!isset($_GET["IE"]))
echo "data: ".implode("\ndata: ", explode("\n", $datatext))."\n\n";