public/tt-rss
1
0
Fork 0
mirror of https://git.tt-rss.org/git/tt-rss.git synced 2025-12-13 10:45:56 +00:00
Code Issues Releases Wiki Activity

* add (disabled) shortcut syntax for plugin methods

Browse Source 
* add controls shortcut for pluginhandler tags
 * add similar shortcut for frontend
 * allow plugins to selectively exclude their methods from CSRF checking
This commit is contained in:
Andrew Dolgov
2021-02-17 21:44:21 +03:00
parent b16abc157e
commit e4609c18ef
19 changed files with 65 additions and 41 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
classes/pluginhandler.php
View File

@@ -11,7 +11,7 @@ class PluginHandler extends Handler_Protected {
if ($plugin) {
if (method_exists($plugin, $method)) {
if (validate_csrf($csrf_token)) {
if (validate_csrf($csrf_token) || $plugin->csrf_ignore($method)) {
$plugin->$method();
} else {
user_error("Rejected ${plugin_name}->${method}(): invalid CSRF token.", E_USER_WARNING);