Webmods: Only accept POST requests with a secret parameter

This is a first step against CSRF. Thanks to flakes for the idea. git-svn-id: https://znc.svn.sourceforge.net/svnroot/znc/trunk@1932 726aef4b-f618-498e-8847-2d620e286838
2026-03-28 17:42:41 +01:00 · 2010-04-25 13:04:51 +00:00
parent eaaddf01bb
commit b0d140e2ed
4 changed files with 21 additions and 0 deletions
--- a/HTTPSock.cpp
+++ b/HTTPSock.cpp
@@ -361,6 +361,10 @@ const map<CString, VCString>& CHTTPSock::GetParams() const {
 	return m_msvsParams;
 }

+bool CHTTPSock::IsPost() const {
+	return m_bPost;
+}
+
 bool CHTTPSock::PrintNotFound() {
 	return PrintErrorPage(404, "Not Found", "The requested URL was not found on this server.");
 }