[RCD] Enigma hybrid decryption

A.L.E.C alec at alec.pl
Thu Sep 1 07:27:47 CEST 2016


On 08/31/2016 09:23 PM, Kyle Francis wrote:
> // post the decrypted session key back to server
> var form = $('<form action="'+location.href+'"
> method="post"></form>').appendTo('body');
> $(form).append('<input type="hidden" name="sessionKey" value="'+dsk+'">');
> $(form).submit();
> 
> This successfully reloads the page (I think), but I'm getting a "Request
> Check Failed" response.  I'm assuming this has to do with the session
> token since it talks about preventing CSRF. How I would need to pass the
> session token in my post above to comply?

$(form).append('<input type="hidden" name="_token"
value="'+rcmail.env.request_token+'">');


-- 
Aleksander 'A.L.E.C' Machniak
Kolab Groupware Developer        [http://kolab.org]
Roundcube Webmail Developer  [http://roundcube.net]
---------------------------------------------------
PGP: 19359DC1 @@ GG: 2275252 @@ WWW: http://alec.pl


More information about the dev mailing list