oss/wallabag
oss/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2025-08-01 17:38:38 +00:00
Code Wiki Activity

Replace GET way to POST way to reset data user

Browse source 
Signed-off-by: Kevin Decherf <kevin@kdecherf.com>
This commit is contained in:
Nicolas Lœuillet 2023-07-29 10:44:10 +02:00 committed by Kevin Decherf
parent f4fd8e4675
commit a9893d754f
3 changed files with 44 additions and 19 deletions
Download patch file Download diff file Expand all files Collapse all files

8
src/Wallabag/CoreBundle/Controller/ConfigController.php
View file

@ -523,12 +523,16 @@ class ConfigController extends AbstractController
/**
* Remove all annotations OR tags OR entries for the current user.
*
* @Route("/reset/{type}", requirements={"id" = "annotations|tags|entries"}, name="config_reset")
* @Route("/reset/{type}", requirements={"id" = "annotations|tags|entries"}, name="config_reset", methods={"POST"})
*
* @return RedirectResponse
*/
public function resetAction(string $type, AnnotationRepository $annotationRepository, EntryRepository $entryRepository)
public function resetAction(Request $request, string $type, AnnotationRepository $annotationRepository, EntryRepository $entryRepository)
{
if (!$this->isCsrfTokenValid('reset-area', $request->request->get('token'))) {
throw $this->createAccessDeniedException('Bad CSRF token.');
}
switch ($type) {
case 'annotations':
$annotationRepository->removeAllByUserId($this->getUser()->getId());