diff options
| author | thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2011-02-03 22:08:03 +0000 |
|---|---|---|
| committer | thomasb <thomasb@208e9e7b-5314-0410-a742-e7e81cd9613c> | 2011-02-03 22:08:03 +0000 |
| commit | 6cf335e8f6ce162642c5e565f43c0c161ace1dd2 (patch) | |
| tree | d5eb16d6f816e1e3be0807e5ace98e86f46b55e6 /roundcubemail/program | |
| parent | 9c6ae69d2a75ebc604866e32e1633a320df8f92e (diff) | |
protect login form submission from CSRF using a request token
git-svn-id: https://svn.roundcube.net/trunk@4490 208e9e7b-5314-0410-a742-e7e81cd9613c
Diffstat (limited to 'roundcubemail/program')
| -rw-r--r-- | roundcubemail/program/include/rcube_session.php | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/roundcubemail/program/include/rcube_session.php b/roundcubemail/program/include/rcube_session.php index 7384af39c..2bd663c83 100644 --- a/roundcubemail/program/include/rcube_session.php +++ b/roundcubemail/program/include/rcube_session.php @@ -253,6 +253,7 @@ class rcube_session */ public function kill() { + $this->vars = false; $this->destroy(session_id()); rcmail::setcookie($this->cookiename, '-del-', time() - 60); } |