Congegni/sintonia
7
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fixed CSRF prevention checks for REST calls, moved CSRF initialization to Bootstrap

Browse source
This commit is contained in:
Duncan Sommerville 2015-02-20 13:12:49 -05:00
parent 0177e40083
commit be7cae4408
4 changed files with 33 additions and 11 deletions
Download patch file Download diff file Expand all files Collapse all files

3
airtime_mvc/application/controllers/LoginController.php
View file

@ -98,6 +98,9 @@ class LoginController extends Zend_Controller_Action
{
$auth = Zend_Auth::getInstance();
$auth->clearIdentity();
// Unset all session variables relating to CSRF prevention on logout
$csrf_namespace = new Zend_Session_Namespace('csrf_namespace');
$csrf_namespace->unsetAll();
$this->_redirect('showbuilder/index');
}