Skip to content

Commit bed604e

Browse files
author
bnu
committed
fix #1940 CSRF 체크 보완
1 parent 70ade0f commit bed604e

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

classes/module/ModuleHandler.class.php

+1-1
Original file line numberDiff line numberDiff line change
@@ -411,7 +411,7 @@ function procModule()
411411
$logged_info = Context::get('logged_info');
412412

413413
// check CSRF for POST actions
414-
if(Context::getRequestMethod() === 'POST' && Context::isInstalled() && $this->act !== 'procFileUpload' && !checkCSRF()) {
414+
if($_SERVER['REQUEST_METHOD'] !== 'GET' && Context::isInstalled() && $this->act !== 'procFileUpload' && !checkCSRF()) {
415415
$this->error = 'msg_invalid_request';
416416
$oMessageObject = ModuleHandler::getModuleInstance('message', $display_mode);
417417
$oMessageObject->setError(-1);

0 commit comments

Comments
 (0)