aboutsummaryrefslogtreecommitdiff
path: root/lib
diff options
context:
space:
mode:
Diffstat (limited to 'lib')
-rw-r--r--lib/BridgeCard.php5
1 files changed, 2 insertions, 3 deletions
diff --git a/lib/BridgeCard.php b/lib/BridgeCard.php
index e5456f33..c4677b9d 100644
--- a/lib/BridgeCard.php
+++ b/lib/BridgeCard.php
@@ -104,9 +104,8 @@ final class BridgeCard
<input type="hidden" name="bridge" value="{$bridgeClassName}" />
EOD;
- if ($token) {
- // todo: maybe escape the token?
- $form .= sprintf('<input type="hidden" name="token" value="%s" />', $token);
+ if (Configuration::getConfig('authentication', 'token') && $token) {
+ $form .= sprintf('<input type="hidden" name="token" value="%s" />', e($token));
}
if (!empty($contextName)) {
generated by cgit v1.2.3 (git 2.39.1) at 2025-07-30 19:20:19 +0000