Fossil SCM
Fix the password reset request form so that it passes CSRF security tests.
Commit
ce8598b6c1e1336c88f7bfd40d842a40006baa69e98e5b4101ab84d371bcb4d2
Parent
3bfae2309cd2990…
1 file changed
+5
-1
+5
-1
| --- src/login.c | ||
| +++ src/login.c | ||
| @@ -2261,13 +2261,17 @@ | ||
| 2261 | 2261 | return; |
| 2262 | 2262 | } |
| 2263 | 2263 | zEAddr = PDT("ea",""); |
| 2264 | 2264 | |
| 2265 | 2265 | /* Verify user imputs */ |
| 2266 | - if( !cgi_csrf_safe(2) || P("reqpwreset")==0 ){ | |
| 2266 | + if( !cgi_csrf_safe(1) || P("reqpwreset")==0 ){ | |
| 2267 | 2267 | /* This is the initial display of the form. No processing or error |
| 2268 | 2268 | ** checking is to be done. Fall through into the form display |
| 2269 | + ** | |
| 2270 | + ** cgi_csrf_safe(): Nothing interesting happens on this page without | |
| 2271 | + ** a valid captcha solution, so we only need to check referrer and that | |
| 2272 | + ** the request is a POST. | |
| 2269 | 2273 | */ |
| 2270 | 2274 | }else if( (captchaIsCorrect = captcha_is_correct(1))==0 ){ |
| 2271 | 2275 | iErrLine = 2; |
| 2272 | 2276 | zErr = "Incorrect CAPTCHA"; |
| 2273 | 2277 | }else if( zEAddr[0]==0 ){ |
| 2274 | 2278 |
| --- src/login.c | |
| +++ src/login.c | |
| @@ -2261,13 +2261,17 @@ | |
| 2261 | return; |
| 2262 | } |
| 2263 | zEAddr = PDT("ea",""); |
| 2264 | |
| 2265 | /* Verify user imputs */ |
| 2266 | if( !cgi_csrf_safe(2) || P("reqpwreset")==0 ){ |
| 2267 | /* This is the initial display of the form. No processing or error |
| 2268 | ** checking is to be done. Fall through into the form display |
| 2269 | */ |
| 2270 | }else if( (captchaIsCorrect = captcha_is_correct(1))==0 ){ |
| 2271 | iErrLine = 2; |
| 2272 | zErr = "Incorrect CAPTCHA"; |
| 2273 | }else if( zEAddr[0]==0 ){ |
| 2274 |
| --- src/login.c | |
| +++ src/login.c | |
| @@ -2261,13 +2261,17 @@ | |
| 2261 | return; |
| 2262 | } |
| 2263 | zEAddr = PDT("ea",""); |
| 2264 | |
| 2265 | /* Verify user imputs */ |
| 2266 | if( !cgi_csrf_safe(1) || P("reqpwreset")==0 ){ |
| 2267 | /* This is the initial display of the form. No processing or error |
| 2268 | ** checking is to be done. Fall through into the form display |
| 2269 | ** |
| 2270 | ** cgi_csrf_safe(): Nothing interesting happens on this page without |
| 2271 | ** a valid captcha solution, so we only need to check referrer and that |
| 2272 | ** the request is a POST. |
| 2273 | */ |
| 2274 | }else if( (captchaIsCorrect = captcha_is_correct(1))==0 ){ |
| 2275 | iErrLine = 2; |
| 2276 | zErr = "Incorrect CAPTCHA"; |
| 2277 | }else if( zEAddr[0]==0 ){ |
| 2278 |