summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--IkiWiki/CGI.pm14
-rw-r--r--IkiWiki/Plugin/comments.pm2
-rw-r--r--IkiWiki/Plugin/editpage.pm2
3 files changed, 10 insertions, 8 deletions
diff --git a/IkiWiki/CGI.pm b/IkiWiki/CGI.pm
index a3486cbb4..a45e12e31 100644
--- a/IkiWiki/CGI.pm
+++ b/IkiWiki/CGI.pm
@@ -36,7 +36,7 @@ sub showform ($$$$;@) { #{{{
printheader($session);
print misctemplate($form->title, $form->render(submit => $buttons), @_);
-}
+} #}}}
sub redirect ($$) { #{{{
my $q=shift;
@@ -273,7 +273,7 @@ sub check_banned ($$) { #{{{
exit;
}
}
-}
+} #}}}
sub cgi_getsession ($) { #{{{
my $q=shift;
@@ -296,14 +296,16 @@ sub cgi_getsession ($) { #{{{
return $session;
} #}}}
-# The session id is stored on the form and checked to
-# guard against CSRF. But only if the user is logged in,
-# as anonok can allow anonymous edits.
+# To guard against CSRF, the user's session id (sid)
+# can be stored on a form. This function will check
+# (for logged in users) that the sid on the form matches
+# the session id in the cookie.
sub checksessionexpiry ($$) { # {{{
+ my $q=shift;
my $session = shift;
- my $sid = shift;
if (defined $session->param("name")) {
+ my $sid=$q->param('sid');
if (! defined $sid || $sid ne $session->id) {
error(gettext("Your login session has expired."));
}
diff --git a/IkiWiki/Plugin/comments.pm b/IkiWiki/Plugin/comments.pm
index 1eb256da9..b8748a1d6 100644
--- a/IkiWiki/Plugin/comments.pm
+++ b/IkiWiki/Plugin/comments.pm
@@ -468,7 +468,7 @@ sub sessioncgi ($$) { #{{{
if ($form->submitted eq POST_COMMENT && $form->validate) {
my $file = "$location._comment";
- IkiWiki::checksessionexpiry($session, $cgi->param('sid'));
+ IkiWiki::checksessionexpiry($cgi, $session);
# FIXME: could probably do some sort of graceful retry
# on error? Would require significant unwinding though
diff --git a/IkiWiki/Plugin/editpage.pm b/IkiWiki/Plugin/editpage.pm
index e4f0cdac0..242624d77 100644
--- a/IkiWiki/Plugin/editpage.pm
+++ b/IkiWiki/Plugin/editpage.pm
@@ -340,7 +340,7 @@ sub cgi_editpage ($$) { #{{{
else {
# save page
check_canedit($page, $q, $session);
- checksessionexpiry($session, $q->param('sid'));
+ checksessionexpiry($q, $session, $q->param('sid'));
my $exists=-e "$config{srcdir}/$file";