mirror of https://github.com/MISP/MISP
fix: Remove form tampering for REST requests
- makes MISP compatible with 2.10.x - No point in running the security component's test since no form is submitted via REST anyway.pull/1994/merge
parent
eb51a35472
commit
776084130f
|
@ -161,6 +161,9 @@ class AppController extends Controller {
|
|||
}
|
||||
$userLoggedIn = false;
|
||||
if (Configure::read('Plugin.CustomAuth_enable')) $userLoggedIn = $this->__customAuthentication($_SERVER);
|
||||
if ($this->_isRest()) {
|
||||
$this->Security->validatePost = false;
|
||||
}
|
||||
if (!$userLoggedIn) {
|
||||
// REST authentication
|
||||
if ($this->_isRest() || $this->_isAutomation()) {
|
||||
|
|
Loading…
Reference in New Issue