From 5499336feff22f682448dd99cc00a9b36701fcd1 Mon Sep 17 00:00:00 2001
From: thomascube <thomas@roundcube.net>
Date: Tue, 21 Jul 2009 12:02:33 -0400
Subject: [PATCH] Use global request tokens and automatically protect all POST requests

---
 program/js/app.js |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/program/js/app.js b/program/js/app.js
index 332ee87..4ce3546 100644
--- a/program/js/app.js
+++ b/program/js/app.js
@@ -55,7 +55,7 @@
   // set jQuery ajax options
   jQuery.ajaxSetup({ cache:false,
     error:function(request, status, err){ ref.http_error(request, status, err); },
-    beforeSend:function(xmlhttp){ xmlhttp.setRequestHeader('X-RoundCube-Referer', bw.get_cookie('roundcube_sessid')); }
+    beforeSend:function(xmlhttp){ xmlhttp.setRequestHeader('X-RoundCube-Request', ref.env.request_token); }
   });
 
   // set environment variable(s)

--
Gitblit v1.9.1