Mirrors/gophish
2
0
Fork 0
mirror of https://github.com/gophish/gophish synced 2024-11-15 08:47:17 +00:00
Code Issues Projects Releases Packages Wiki Activity

Adjusted CSRF whitelisted paths so remove dependency on / in path.

Browse source 
Fixes #31
This commit is contained in:
Jordan Wright 2015-10-03 15:16:11 -05:00
parent b4a73ae5c7
commit 906c4e8a93
1 changed files with 5 additions and 5 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

10
controllers/route.go
View file

@ -57,11 +57,11 @@ func CreateAdminRouter() http.Handler {
// Setup CSRF Protection
csrfHandler := nosurf.New(router)
// Exempt API routes and Static files
csrfHandler.ExemptGlob("/api/campaigns/*")
csrfHandler.ExemptGlob("/api/groups/*")
csrfHandler.ExemptGlob("/api/templates/*")
csrfHandler.ExemptGlob("/api/pages/*")
csrfHandler.ExemptGlob("/api/import/*")
csrfHandler.ExemptGlob("/api/campaigns*")
csrfHandler.ExemptGlob("/api/groups*")
csrfHandler.ExemptGlob("/api/templates*")
csrfHandler.ExemptGlob("/api/pages*")
csrfHandler.ExemptGlob("/api/import*")
csrfHandler.ExemptGlob("/static/*")
return Use(csrfHandler.ServeHTTP, mid.GetContext)
}