cristiancmoises
/
gophish
mirror of https://github.com/gophish/gophish
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Adjusted CSRF whitelisted paths so remove dependency on / in path. 

Fixes #31
pull/64/head
Jordan Wright 2015-10-03 15:16:11 -05:00
parent b4a73ae5c7
commit 906c4e8a93
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
controllers/route.go
View File

@ -57,11 +57,11 @@ func CreateAdminRouter() http.Handler {
// Setup CSRF Protection // Setup CSRF Protection
csrfHandler := nosurf.New(router) csrfHandler := nosurf.New(router)
// Exempt API routes and Static files // Exempt API routes and Static files
csrfHandler.ExemptGlob("/api/campaigns/*") csrfHandler.ExemptGlob("/api/campaigns*")
csrfHandler.ExemptGlob("/api/groups/*") csrfHandler.ExemptGlob("/api/groups*")
csrfHandler.ExemptGlob("/api/templates/*") csrfHandler.ExemptGlob("/api/templates*")
csrfHandler.ExemptGlob("/api/pages/*") csrfHandler.ExemptGlob("/api/pages*")
csrfHandler.ExemptGlob("/api/import/*") csrfHandler.ExemptGlob("/api/import*")
csrfHandler.ExemptGlob("/static/*") csrfHandler.ExemptGlob("/static/*")
return Use(csrfHandler.ServeHTTP, mid.GetContext) return Use(csrfHandler.ServeHTTP, mid.GetContext)
} }