Exemplo n.º 1
0
 private function initAuth()
 {
     FreshRSS_Auth::init();
     if (Minz_Request::isPost() && !is_referer_from_same_domain()) {
         // Basic protection against XSRF attacks
         FreshRSS_Auth::removeAccess();
         $http_referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
         Minz_Error::error(403, array('error' => array(_t('access_denied'), ' [HTTP_REFERER=' . htmlspecialchars($http_referer) . ']')));
     }
 }
Exemplo n.º 2
0
 private function initAuth()
 {
     FreshRSS_Auth::init();
     if (Minz_Request::isPost() && !is_referer_from_same_domain()) {
         // Basic protection against XSRF attacks
         FreshRSS_Auth::removeAccess();
         $http_referer = empty($_SERVER['HTTP_REFERER']) ? '' : $_SERVER['HTTP_REFERER'];
         Minz_Translate::init('en');
         //TODO: Better choice of fallback language
         Minz_Error::error(403, array('error' => array(_t('feedback.access.denied'), ' [HTTP_REFERER=' . htmlspecialchars($http_referer) . ']')));
     }
 }