summaryrefslogtreecommitdiff
path: root/lib/Travelynx/Controller/Api.pm
diff options
context:
space:
mode:
authorDerf Null <derf@finalrewind.org>2023-06-04 19:25:24 +0200
committerDerf Null <derf@finalrewind.org>2023-06-04 19:25:24 +0200
commitc1635e24fb78d981a790463cfe35ba552bcaac04 (patch)
tree64a3aeff358c6b56663ee01be27713f036d89918 /lib/Travelynx/Controller/Api.pm
parent8cef56a94033c9b4784026e8e809c03beb59db8b (diff)
use a separate bad_request page for CSRF errors
Diffstat (limited to 'lib/Travelynx/Controller/Api.pm')
-rwxr-xr-xlib/Travelynx/Controller/Api.pm6
1 files changed, 5 insertions, 1 deletions
diff --git a/lib/Travelynx/Controller/Api.pm b/lib/Travelynx/Controller/Api.pm
index 0410fc6..0382ba8 100755
--- a/lib/Travelynx/Controller/Api.pm
+++ b/lib/Travelynx/Controller/Api.pm
@@ -567,7 +567,11 @@ sub import_v1 {
sub set_token {
my ($self) = @_;
if ( $self->validation->csrf_protect->has_error('csrf_token') ) {
- $self->render( 'account', invalid => 'csrf' );
+ $self->render(
+ 'bad_request',
+ csrf => 1,
+ status => 400
+ );
return;
}
my $token = make_token();
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-02 22:00:26 +0000