Protect the web interface against CSRF, and the CSRF token against BREACH.

[itkacl] / itkacl-web-1.0 / web / addnode.pl

diff --git a/itkacl-web-1.0/web/addnode.pl b/itkacl-web-1.0/web/addnode.pl
index d0f1ddd7271e6f4f13eb068128eb507f4b1e80bf..46bab19a8d4fc6452d7b7f36bc674e9ede68d2b0 100755 (executable)
--- a/itkacl-web-1.0/web/addnode.pl
+++ b/itkacl-web-1.0/web/addnode.pl
@@ -7,6 +7,7 @@ use lib '../include';
 use itkaclcommon;
 
 itkaclcommon::init();
+itkaclcommon::check_csrf_token();
 
 my $parent = $itkaclcommon::cgi->param('parent');
 my $name = $itkaclcommon::cgi->param('name');