deepcrayon/lila
deepcrayon/lila
1
0
Fork 0
Code Releases Activity

fix CSRF check

Browse source
This commit is contained in:
Thibault Duplessis 2016-09-12 09:35:36 +02:00
parent d1f89e4147
commit 2e208e9d13
1 changed files with 2 additions and 3 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

5
app/controllers/LilaController.scala
View file

@ -355,9 +355,8 @@ private[controllers] trait LilaController
}
private def CSRF(req: RequestHeader)(f: Fu[Result]): Fu[Result] =
if (Env.security.csrfRequestHandler.check(req))
Forbidden("Cross origin request forbidden").fuccess
else f
if (Env.security.csrfRequestHandler.check(req)) f
else Forbidden("Cross origin request forbidden").fuccess
protected def XhrOnly(res: => Fu[Result])(implicit ctx: Context) =
if (HTTPRequest isXhr ctx.req) res else notFound