projects
/
project
/
luci.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
luci-app-ocserv: protect disconnect action with csrf token
[project/luci.git]
/
applications
/
luci-app-ocserv
/
luasrc
/
view
/
ocserv_status.htm
diff --git
a/applications/luci-app-ocserv/luasrc/view/ocserv_status.htm
b/applications/luci-app-ocserv/luasrc/view/ocserv_status.htm
index
138b039
..
03a9ed7
100644
(file)
--- a/
applications/luci-app-ocserv/luasrc/view/ocserv_status.htm
+++ b/
applications/luci-app-ocserv/luasrc/view/ocserv_status.htm
@@
-1,7
+1,7
@@
<script type="text/javascript">//<![CDATA[
function ocserv_disconnect(idx) {
<script type="text/javascript">//<![CDATA[
function ocserv_disconnect(idx) {
-
XHR.get('<%=url('admin/services/ocserv/disconnect')%>/' + idx, null
,
+
(new XHR()).post('<%=url('admin/services/ocserv/disconnect')%>/' + idx, { token: '<%=token%>' }
,
function(x)
{
var tb = document.getElementById('ocserv_status_table');
function(x)
{
var tb = document.getElementById('ocserv_status_table');