Contacts: Implement CSRF prevention.
This commit is contained in:
parent
3e143601fe
commit
5b1a14f9ea
18 changed files with 45 additions and 32 deletions
|
@ -10,6 +10,7 @@
|
||||||
|
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
OCP\JSON::callCheck();
|
||||||
|
|
||||||
$bookid = $_POST['bookid'];
|
$bookid = $_POST['bookid'];
|
||||||
$book = OC_Contacts_App::getAddressbook($bookid);// is owner access check
|
$book = OC_Contacts_App::getAddressbook($bookid);// is owner access check
|
||||||
|
|
|
@ -27,17 +27,11 @@ function bailOut($msg) {
|
||||||
OCP\Util::writeLog('contacts','ajax/addcontact.php: '.$msg, OCP\Util::DEBUG);
|
OCP\Util::writeLog('contacts','ajax/addcontact.php: '.$msg, OCP\Util::DEBUG);
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
function debug($msg) {
|
|
||||||
OCP\Util::writeLog('contacts','ajax/addcontact.php: '.$msg, OCP\Util::DEBUG);
|
|
||||||
}
|
|
||||||
|
|
||||||
// Check if we are a user
|
// Check if we are a user
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
OCP\JSON::callCheck();
|
||||||
foreach ($_POST as $key=>$element) {
|
|
||||||
debug('_POST: '.$key.'=>'.$element);
|
|
||||||
}
|
|
||||||
|
|
||||||
$aid = isset($_POST['aid'])?$_POST['aid']:null;
|
$aid = isset($_POST['aid'])?$_POST['aid']:null;
|
||||||
if(!$aid) {
|
if(!$aid) {
|
||||||
|
|
|
@ -26,6 +26,7 @@
|
||||||
// Check if we are a user
|
// Check if we are a user
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
OCP\JSON::callCheck();
|
||||||
|
|
||||||
function bailOut($msg) {
|
function bailOut($msg) {
|
||||||
OCP\JSON::error(array('data' => array('message' => $msg)));
|
OCP\JSON::error(array('data' => array('message' => $msg)));
|
||||||
|
|
|
@ -11,6 +11,7 @@
|
||||||
// Check if we are a user
|
// Check if we are a user
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
OCP\JSON::callCheck();
|
||||||
|
|
||||||
$userid = OCP\USER::getUser();
|
$userid = OCP\USER::getUser();
|
||||||
$name = trim(strip_tags($_POST['name']));
|
$name = trim(strip_tags($_POST['name']));
|
||||||
|
|
|
@ -27,12 +27,14 @@
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
|
||||||
$tmp_path = $_GET['tmp_path'];
|
$tmp_path = strip_tags($_GET['tmp_path']);
|
||||||
|
$requesttoken = strip_tags($_GET['requesttoken']);
|
||||||
$id = $_GET['id'];
|
$id = $_GET['id'];
|
||||||
OCP\Util::writeLog('contacts','ajax/cropphoto.php: tmp_path: '.$tmp_path.', exists: '.file_exists($tmp_path), OCP\Util::DEBUG);
|
OCP\Util::writeLog('contacts','ajax/cropphoto.php: tmp_path: '.$tmp_path.', exists: '.file_exists($tmp_path), OCP\Util::DEBUG);
|
||||||
$tmpl = new OCP\Template("contacts", "part.cropphoto");
|
$tmpl = new OCP\Template("contacts", "part.cropphoto");
|
||||||
$tmpl->assign('tmp_path', $tmp_path);
|
$tmpl->assign('tmp_path', $tmp_path);
|
||||||
$tmpl->assign('id', $id);
|
$tmpl->assign('id', $id);
|
||||||
|
$tmpl->assign('requesttoken', $requesttoken);
|
||||||
$page = $tmpl->fetchPage();
|
$page = $tmpl->fetchPage();
|
||||||
|
|
||||||
OCP\JSON::success(array('data' => array( 'page' => $page )));
|
OCP\JSON::success(array('data' => array( 'page' => $page )));
|
||||||
|
|
|
@ -26,6 +26,7 @@
|
||||||
// Check if we are a user
|
// Check if we are a user
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
OCP\JSON::callCheck();
|
||||||
|
|
||||||
//$id = $_GET['id'];
|
//$id = $_GET['id'];
|
||||||
$id = $_POST['id'];
|
$id = $_POST['id'];
|
||||||
|
|
|
@ -31,6 +31,7 @@ function bailOut($msg) {
|
||||||
// Check if we are a user
|
// Check if we are a user
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
OCP\JSON::callCheck();
|
||||||
|
|
||||||
$id = isset($_POST['id'])?$_POST['id']:null;
|
$id = isset($_POST['id'])?$_POST['id']:null;
|
||||||
if(!$id) {
|
if(!$id) {
|
||||||
|
|
|
@ -26,6 +26,7 @@
|
||||||
// Check if we are a user
|
// Check if we are a user
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
OCP\JSON::callCheck();
|
||||||
|
|
||||||
$id = $_POST['id'];
|
$id = $_POST['id'];
|
||||||
$checksum = $_POST['checksum'];
|
$checksum = $_POST['checksum'];
|
||||||
|
|
|
@ -24,6 +24,7 @@
|
||||||
OCP\JSON::setContentTypeHeader('text/plain');
|
OCP\JSON::setContentTypeHeader('text/plain');
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
OCP\JSON::callCheck();
|
||||||
function bailOut($msg) {
|
function bailOut($msg) {
|
||||||
OCP\JSON::error(array('data' => array('message' => $msg)));
|
OCP\JSON::error(array('data' => array('message' => $msg)));
|
||||||
OCP\Util::writeLog('contacts','ajax/oc_photo.php: '.$msg, OCP\Util::ERROR);
|
OCP\Util::writeLog('contacts','ajax/oc_photo.php: '.$msg, OCP\Util::ERROR);
|
||||||
|
|
|
@ -21,13 +21,26 @@
|
||||||
* TODO: Translatable strings.
|
* TODO: Translatable strings.
|
||||||
* Remember to delete tmp file at some point.
|
* Remember to delete tmp file at some point.
|
||||||
*/
|
*/
|
||||||
// Init owncloud
|
|
||||||
|
|
||||||
OCP\Util::writeLog('contacts','ajax/savecrop.php: Huzzah!!!', OCP\Util::DEBUG);
|
function bailOut($msg) {
|
||||||
|
OCP\JSON::error(array('data' => array('message' => $msg)));
|
||||||
|
OCP\Util::writeLog('contacts','ajax/savecrop.php: '.$msg, OCP\Util::DEBUG);
|
||||||
|
exit();
|
||||||
|
}
|
||||||
|
function debug($msg) {
|
||||||
|
OCP\Util::writeLog('contacts','ajax/savecrop.php: '.$msg, OCP\Util::DEBUG);
|
||||||
|
}
|
||||||
|
|
||||||
// Check if we are a user
|
// Check if we are a user
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
foreach($_POST as $key=>$value) {
|
||||||
|
debug('POST: '.$key.'=>'.$value);
|
||||||
|
}
|
||||||
|
foreach($_GET as $key=>$value) {
|
||||||
|
debug('GET: '.$key.'=>'.$value);
|
||||||
|
}
|
||||||
|
OCP\JSON::callCheck();
|
||||||
|
|
||||||
// foreach ($_POST as $key=>$element) {
|
// foreach ($_POST as $key=>$element) {
|
||||||
// OCP\Util::writeLog('contacts','ajax/savecrop.php: '.$key.'=>'.$element, OCP\Util::DEBUG);
|
// OCP\Util::writeLog('contacts','ajax/savecrop.php: '.$key.'=>'.$element, OCP\Util::DEBUG);
|
||||||
|
@ -36,12 +49,6 @@ OCP\JSON::checkAppEnabled('contacts');
|
||||||
// Firefox and Konqueror tries to download application/json for me. --Arthur
|
// Firefox and Konqueror tries to download application/json for me. --Arthur
|
||||||
OCP\JSON::setContentTypeHeader('text/plain');
|
OCP\JSON::setContentTypeHeader('text/plain');
|
||||||
|
|
||||||
function bailOut($msg) {
|
|
||||||
OCP\JSON::error(array('data' => array('message' => $msg)));
|
|
||||||
OCP\Util::writeLog('contacts','ajax/savecrop.php: '.$msg, OCP\Util::DEBUG);
|
|
||||||
exit();
|
|
||||||
}
|
|
||||||
|
|
||||||
$image = null;
|
$image = null;
|
||||||
|
|
||||||
$x1 = (isset($_POST['x1']) && $_POST['x1']) ? $_POST['x1'] : 0;
|
$x1 = (isset($_POST['x1']) && $_POST['x1']) ? $_POST['x1'] : 0;
|
||||||
|
|
|
@ -26,6 +26,7 @@
|
||||||
// Check if we are a user
|
// Check if we are a user
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
OCP\JSON::callCheck();
|
||||||
|
|
||||||
function bailOut($msg) {
|
function bailOut($msg) {
|
||||||
OCP\JSON::error(array('data' => array('message' => $msg)));
|
OCP\JSON::error(array('data' => array('message' => $msg)));
|
||||||
|
|
|
@ -11,6 +11,7 @@
|
||||||
// Check if we are a user
|
// Check if we are a user
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
OCP\JSON::callCheck();
|
||||||
|
|
||||||
$bookid = $_POST['id'];
|
$bookid = $_POST['id'];
|
||||||
OC_Contacts_App::getAddressbook($bookid); // is owner access check
|
OC_Contacts_App::getAddressbook($bookid); // is owner access check
|
||||||
|
|
|
@ -23,14 +23,12 @@
|
||||||
// Check if we are a user
|
// Check if we are a user
|
||||||
OCP\JSON::checkLoggedIn();
|
OCP\JSON::checkLoggedIn();
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
OCP\JSON::callCheck();
|
||||||
function bailOut($msg) {
|
function bailOut($msg) {
|
||||||
OCP\JSON::error(array('data' => array('message' => $msg)));
|
OCP\JSON::error(array('data' => array('message' => $msg)));
|
||||||
OCP\Util::writeLog('contacts','ajax/uploadimport.php: '.$msg, OCP\Util::ERROR);
|
OCP\Util::writeLog('contacts','ajax/uploadimport.php: '.$msg, OCP\Util::ERROR);
|
||||||
exit();
|
exit();
|
||||||
}
|
}
|
||||||
function debug($msg) {
|
|
||||||
OCP\Util::writeLog('contacts','ajax/uploadimport.php: '.$msg, OCP\Util::DEBUG);
|
|
||||||
}
|
|
||||||
|
|
||||||
$view = OCP\Files::getStorage('contacts');
|
$view = OCP\Files::getStorage('contacts');
|
||||||
$tmpfile = md5(rand());
|
$tmpfile = md5(rand());
|
||||||
|
@ -39,7 +37,6 @@ $tmpfile = md5(rand());
|
||||||
$fn = (isset($_SERVER['HTTP_X_FILE_NAME']) ? $_SERVER['HTTP_X_FILE_NAME'] : false);
|
$fn = (isset($_SERVER['HTTP_X_FILE_NAME']) ? $_SERVER['HTTP_X_FILE_NAME'] : false);
|
||||||
if($fn) {
|
if($fn) {
|
||||||
if($view->file_put_contents('/'.$tmpfile, file_get_contents('php://input'))) {
|
if($view->file_put_contents('/'.$tmpfile, file_get_contents('php://input'))) {
|
||||||
debug($fn.' uploaded');
|
|
||||||
OCP\JSON::success(array('data' => array('path'=>'', 'file'=>$tmpfile)));
|
OCP\JSON::success(array('data' => array('path'=>'', 'file'=>$tmpfile)));
|
||||||
exit();
|
exit();
|
||||||
} else {
|
} else {
|
||||||
|
@ -70,7 +67,6 @@ $file=$_FILES['importfile'];
|
||||||
$tmpfname = tempnam(get_temp_dir(), "occOrig");
|
$tmpfname = tempnam(get_temp_dir(), "occOrig");
|
||||||
if(file_exists($file['tmp_name'])) {
|
if(file_exists($file['tmp_name'])) {
|
||||||
if($view->file_put_contents('/'.$tmpfile, file_get_contents($file['tmp_name']))) {
|
if($view->file_put_contents('/'.$tmpfile, file_get_contents($file['tmp_name']))) {
|
||||||
debug($fn.' uploaded');
|
|
||||||
OCP\JSON::success(array('data' => array('path'=>'', 'file'=>$tmpfile)));
|
OCP\JSON::success(array('data' => array('path'=>'', 'file'=>$tmpfile)));
|
||||||
} else {
|
} else {
|
||||||
bailOut(OC_Contacts_App::$l10n->t('Error uploading contacts to storage.'));
|
bailOut(OC_Contacts_App::$l10n->t('Error uploading contacts to storage.'));
|
||||||
|
|
|
@ -19,14 +19,6 @@
|
||||||
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
|
||||||
*
|
*
|
||||||
*/
|
*/
|
||||||
// Init owncloud
|
|
||||||
|
|
||||||
|
|
||||||
// Check if we are a user
|
|
||||||
// Firefox and Konqueror tries to download application/json for me. --Arthur
|
|
||||||
OCP\JSON::setContentTypeHeader('text/plain');
|
|
||||||
OCP\JSON::checkLoggedIn();
|
|
||||||
OCP\JSON::checkAppEnabled('contacts');
|
|
||||||
function bailOut($msg) {
|
function bailOut($msg) {
|
||||||
OCP\JSON::error(array('data' => array('message' => $msg)));
|
OCP\JSON::error(array('data' => array('message' => $msg)));
|
||||||
OCP\Util::writeLog('contacts','ajax/uploadphoto.php: '.$msg, OCP\Util::DEBUG);
|
OCP\Util::writeLog('contacts','ajax/uploadphoto.php: '.$msg, OCP\Util::DEBUG);
|
||||||
|
@ -35,6 +27,16 @@ function bailOut($msg) {
|
||||||
function debug($msg) {
|
function debug($msg) {
|
||||||
OCP\Util::writeLog('contacts','ajax/uploadphoto.php: '.$msg, OCP\Util::DEBUG);
|
OCP\Util::writeLog('contacts','ajax/uploadphoto.php: '.$msg, OCP\Util::DEBUG);
|
||||||
}
|
}
|
||||||
|
OCP\JSON::setContentTypeHeader('text/plain');
|
||||||
|
OCP\JSON::checkLoggedIn();
|
||||||
|
OCP\JSON::checkAppEnabled('contacts');
|
||||||
|
foreach($_POST as $key=>$value) {
|
||||||
|
debug('POST: '.$key.'=>'.$value);
|
||||||
|
}
|
||||||
|
foreach($_GET as $key=>$value) {
|
||||||
|
debug('GET: '.$key.'=>'.$value);
|
||||||
|
}
|
||||||
|
OCP\JSON::callCheck();
|
||||||
|
|
||||||
// If it is a Drag'n'Drop transfer it's handled here.
|
// If it is a Drag'n'Drop transfer it's handled here.
|
||||||
$fn = (isset($_SERVER['HTTP_X_FILE_NAME']) ? $_SERVER['HTTP_X_FILE_NAME'] : false);
|
$fn = (isset($_SERVER['HTTP_X_FILE_NAME']) ? $_SERVER['HTTP_X_FILE_NAME'] : false);
|
||||||
|
|
|
@ -1150,7 +1150,7 @@ Contacts={
|
||||||
},
|
},
|
||||||
editPhoto:function(id, tmp_path){
|
editPhoto:function(id, tmp_path){
|
||||||
//alert('editPhoto: ' + tmp_path);
|
//alert('editPhoto: ' + tmp_path);
|
||||||
$.getJSON(OC.filePath('contacts', 'ajax', 'cropphoto.php'),{'tmp_path':tmp_path,'id':this.id},function(jsondata){
|
$.getJSON(OC.filePath('contacts', 'ajax', 'cropphoto.php'),{'tmp_path':tmp_path,'id':this.id,'requesttoken':requesttoken},function(jsondata){
|
||||||
if(jsondata.status == 'success'){
|
if(jsondata.status == 'success'){
|
||||||
//alert(jsondata.data.page);
|
//alert(jsondata.data.page);
|
||||||
$('#edit_photo_dialog_img').html(jsondata.data.page);
|
$('#edit_photo_dialog_img').html(jsondata.data.page);
|
||||||
|
@ -1637,7 +1637,7 @@ $(document).ready(function(){
|
||||||
//}
|
//}
|
||||||
}
|
}
|
||||||
};
|
};
|
||||||
xhr.open('POST', OC.filePath('contacts', 'ajax', 'uploadphoto.php')+'?id='+Contacts.UI.Card.id+'&imagefile='+encodeURIComponent(file.name), true);
|
xhr.open('POST', OC.filePath('contacts', 'ajax', 'uploadphoto.php')+'?id='+Contacts.UI.Card.id+'&requesttoken='+requesttoken+'&imagefile='+encodeURIComponent(file.name), true);
|
||||||
xhr.setRequestHeader('Cache-Control', 'no-cache');
|
xhr.setRequestHeader('Cache-Control', 'no-cache');
|
||||||
xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
|
xhr.setRequestHeader('X-Requested-With', 'XMLHttpRequest');
|
||||||
xhr.setRequestHeader('X_FILE_NAME', encodeURIComponent(file.name));
|
xhr.setRequestHeader('X_FILE_NAME', encodeURIComponent(file.name));
|
||||||
|
|
|
@ -4,6 +4,7 @@ $id = isset($_['id']) ? $_['id'] : '';
|
||||||
<div id="card">
|
<div id="card">
|
||||||
<form class="float" id="file_upload_form" action="<?php echo OCP\Util::linkTo('contacts', 'ajax/uploadphoto.php'); ?>" method="post" enctype="multipart/form-data" target="file_upload_target">
|
<form class="float" id="file_upload_form" action="<?php echo OCP\Util::linkTo('contacts', 'ajax/uploadphoto.php'); ?>" method="post" enctype="multipart/form-data" target="file_upload_target">
|
||||||
<input type="hidden" name="id" value="<?php echo $_['id'] ?>">
|
<input type="hidden" name="id" value="<?php echo $_['id'] ?>">
|
||||||
|
<input type="hidden" name="requesttoken" value="<?php echo $_['requesttoken'] ?>">
|
||||||
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $_['uploadMaxFilesize'] ?>" id="max_upload">
|
<input type="hidden" name="MAX_FILE_SIZE" value="<?php echo $_['uploadMaxFilesize'] ?>" id="max_upload">
|
||||||
<input type="hidden" class="max_human_file_size" value="(max <?php echo $_['uploadMaxHumanFilesize']; ?>)">
|
<input type="hidden" class="max_human_file_size" value="(max <?php echo $_['uploadMaxHumanFilesize']; ?>)">
|
||||||
<input id="file_upload_start" type="file" accept="image/*" name="imagefile" />
|
<input id="file_upload_start" type="file" accept="image/*" name="imagefile" />
|
||||||
|
|
|
@ -1,6 +1,7 @@
|
||||||
<?php
|
<?php
|
||||||
$id = $_['id'];
|
$id = $_['id'];
|
||||||
$tmp_path = $_['tmp_path'];
|
$tmp_path = $_['tmp_path'];
|
||||||
|
$requesttoken = $_['requesttoken'];
|
||||||
OCP\Util::writeLog('contacts','templates/part.cropphoto.php: tmp_path: '.$tmp_path.', exists: '.file_exists($tmp_path), OCP\Util::DEBUG);
|
OCP\Util::writeLog('contacts','templates/part.cropphoto.php: tmp_path: '.$tmp_path.', exists: '.file_exists($tmp_path), OCP\Util::DEBUG);
|
||||||
?>
|
?>
|
||||||
<script language="Javascript">
|
<script language="Javascript">
|
||||||
|
@ -47,6 +48,7 @@ OCP\Util::writeLog('contacts','templates/part.cropphoto.php: tmp_path: '.$tmp_pa
|
||||||
action="<?php echo OCP\Util::linkToAbsolute('contacts', 'ajax/savecrop.php'); ?>">
|
action="<?php echo OCP\Util::linkToAbsolute('contacts', 'ajax/savecrop.php'); ?>">
|
||||||
|
|
||||||
<input type="hidden" id="id" name="id" value="<?php echo $id; ?>" />
|
<input type="hidden" id="id" name="id" value="<?php echo $id; ?>" />
|
||||||
|
<input type="hidden" id="requesttoken" name="requesttoken" value="<?php echo $requesttoken; ?>" />
|
||||||
<input type="hidden" id="tmp_path" name="tmp_path" value="<?php echo $tmp_path; ?>" />
|
<input type="hidden" id="tmp_path" name="tmp_path" value="<?php echo $tmp_path; ?>" />
|
||||||
<fieldset id="coords">
|
<fieldset id="coords">
|
||||||
<input type="hidden" id="x1" name="x1" value="" />
|
<input type="hidden" id="x1" name="x1" value="" />
|
||||||
|
|
|
@ -26,7 +26,7 @@
|
||||||
<?php endforeach; ?>
|
<?php endforeach; ?>
|
||||||
<script type="text/javascript">
|
<script type="text/javascript">
|
||||||
$(function() {
|
$(function() {
|
||||||
var requesttoken = '<?php echo $_['requesttoken']; ?>';
|
requesttoken = '<?php echo $_['requesttoken']; ?>';
|
||||||
$(document).bind('ajaxSend', function(elm, xhr, s){
|
$(document).bind('ajaxSend', function(elm, xhr, s){
|
||||||
if(requesttoken) {
|
if(requesttoken) {
|
||||||
xhr.setRequestHeader('requesttoken', requesttoken);
|
xhr.setRequestHeader('requesttoken', requesttoken);
|
||||||
|
|
Loading…
Reference in a new issue