diff options
| author | Tobias Hößl <tobias@hoessl.eu> | 2012-03-18 15:44:33 +0000 |
|---|---|---|
| committer | Tobias Hößl <tobias@hoessl.eu> | 2012-03-18 15:44:33 +0000 |
| commit | 453b5b46a370e3f01f2c948ac3eddf0bcd82c741 (patch) | |
| tree | 9c7181e9ec078eb266520df1dd69c939b079edc3 /js | |
| parent | 72894b0e91515461717c584879e5a4331841104a (diff) | |
| download | volse-hubzilla-453b5b46a370e3f01f2c948ac3eddf0bcd82c741.tar.gz volse-hubzilla-453b5b46a370e3f01f2c948ac3eddf0bcd82c741.tar.bz2 volse-hubzilla-453b5b46a370e3f01f2c948ac3eddf0bcd82c741.zip | |
CSRF-Protection in the group-related form (creating, renaming and dropping a group, adding/removing members from it)
Diffstat (limited to 'js')
| -rwxr-xr-x | js/main.js | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/js/main.js b/js/main.js index c20455ad1..babd2a1c3 100755 --- a/js/main.js +++ b/js/main.js @@ -486,9 +486,9 @@ return a.join(''); } - function groupChangeMember(gid,cid) { + function groupChangeMember(gid, cid, sec_token) { $('body .fakelink').css('cursor', 'wait'); - $.get('group/' + gid + '/' + cid, function(data) { + $.get('group/' + gid + '/' + cid + "?t=" + sec_token, function(data) { $('#group-update-wrapper').html(data); $('body .fakelink').css('cursor', 'auto'); }); |