mirror of https://github.com/MISP/MISP
fix: [users] Avoid POSTing forms not linked to the login page resulting in unwanted actions
- As reported by Michael Kerscherpull/6322/head
parent
5d3dee3ba2
commit
164963100a
|
@ -81,7 +81,10 @@ function submitLoginForm() {
|
|||
$form[0].reportValidity()
|
||||
} else {
|
||||
fetchFormDataAjax(url, function(html) {
|
||||
var formHTML = $(html).find('form')
|
||||
var formHTML = $(html).find('form#UserLoginForm')
|
||||
if (!formHTML.length) {
|
||||
window.location = baseurl + '/users/login'
|
||||
}
|
||||
$('body').append($('<div id="temp" style="display: none"/>').append(formHTML))
|
||||
var $tmpForm = $('#temp form')
|
||||
$tmpForm.find('#UserEmail').val(email)
|
||||
|
|
Loading…
Reference in New Issue