diff options
| author | Angie Byron <webchick@24967.no-reply.drupal.org> | 2010-03-28 07:00:30 +0000 |
|---|---|---|
| committer | Angie Byron <webchick@24967.no-reply.drupal.org> | 2010-03-28 07:00:30 +0000 |
| commit | 3359fb5c1cd034aedc05fb961a3360f04a379c49 (patch) | |
| tree | efcf93ada9c929ad7c7502d8d5c88cccad7411e2 /modules/comment/comment.module | |
| parent | 3520ea515364a528d06fc8ad477a103ff168a1f7 (diff) | |
| download | brdo-3359fb5c1cd034aedc05fb961a3360f04a379c49.tar.gz brdo-3359fb5c1cd034aedc05fb961a3360f04a379c49.tar.bz2 | |
#66264 by boombatower, grendzy, et al: Remove CSRF vulnerability from comment module.
Diffstat (limited to 'modules/comment/comment.module')
| -rw-r--r-- | modules/comment/comment.module | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/modules/comment/comment.module b/modules/comment/comment.module index ab71b724b..aa66c9f87 100644 --- a/modules/comment/comment.module +++ b/modules/comment/comment.module @@ -991,6 +991,7 @@ function comment_links($comment, $node) { 'title' => t('approve'), 'href' => "comment/$comment->cid/approve", 'html' => TRUE, + 'query' => array('token' => drupal_get_token("comment/$comment->cid/approve")), ); } } |