From e670ac2ee5f859a974035fd27471e3b456aed24d Mon Sep 17 00:00:00 2001
From: Andrew Dolgov
Date: Tue, 15 Sep 2020 15:35:50 +0300
Subject: [PATCH] require CSRF token for Article/redirect

---
 classes/article.php | 2 +-
 js/Article.js | 4 +++-
 2 files changed, 4 insertions(+), 2 deletions(-)

diff --git a/classes/article.php b/classes/article.php
index 998528fe8..9c664a8f6 100755
--- a/classes/article.php
+++ b/classes/article.php
@@ -2,7 +2,7 @@ class Article extends Handler_Protected {
 function csrf_ignore($method) {
- $csrf_ignored = array("redirect", "editarticletags");
+ $csrf_ignored = array("editarticletags");
 return array_search($method, $csrf_ignored) !== false;
 }
diff --git a/js/Article.js b/js/Article.js
index e7946776e..1e6488184 100644
--- a/js/Article.js
+++ b/js/Article.js
@@ -133,9 +133,11 @@ const Article = {
 openInNewWindow: function (id) {
 const w = window.open("");
+ /* global __csrf_token */
+
 if (w) {
 w.opener = null;
- w.location = "backend.php?op=article&method=redirect&id=" + id;
+ w.location = "backend.php?op=article&method=redirect&id=" + id + "&csrf_token=" + __csrf_token;
 Headlines.toggleUnread(id, 0);
 }
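Review bot: In csrf_ignore the membership test on the line after the edited array is still spelled `array_search($method, $csrf_ignored) !== false`; the direct form `return in_array($method, $csrf_ignored, true);` reads as the boolean it is and makes the element comparison strict. A short comment above the function, e.g. `// Methods that may be invoked without a CSRF token — keep this list as small as possible.`, would also help, since this very commit shows why each entry here matters. The companion js/Article.js hunk appends the token to a GET URL (`"&csrf_token=" + __csrf_token`), so the token will end up in browser history and any server access logs; it is worth confirming that the token is session-scoped and that the redirect handler (not visible here) does not forward its query string onward.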