From ea70ca3ce3cbbaac0e24e30304f44dfc37c11f56 Mon Sep 17 00:00:00 2001
From: Lukas Reschke <lukas@statuscode.ch>
Date: Sat, 7 Jul 2012 16:12:21 +0200
Subject: [PATCH] CSRF checks

---
 apps/files_external/ajax/addMountPoint.php    | 2 ++
 apps/files_external/ajax/removeMountPoint.php | 2 ++
 2 files changed, 4 insertions(+)

diff --git a/apps/files_external/ajax/addMountPoint.php b/apps/files_external/ajax/addMountPoint.php
index 549cb6a3427..0eedfdb3339 100644
--- a/apps/files_external/ajax/addMountPoint.php
+++ b/apps/files_external/ajax/addMountPoint.php
@@ -1,6 +1,8 @@
 <?php
 
 OCP\JSON::checkAppEnabled('files_external');
+OCP\JSON::callCheck();
+
 if ($_POST['isPersonal'] == 'true') {
 	OCP\JSON::checkLoggedIn();
 	$isPersonal = true;
diff --git a/apps/files_external/ajax/removeMountPoint.php b/apps/files_external/ajax/removeMountPoint.php
index b77b306bcb5..a96601b4d05 100644
--- a/apps/files_external/ajax/removeMountPoint.php
+++ b/apps/files_external/ajax/removeMountPoint.php
@@ -1,6 +1,8 @@
 <?php
 
 OCP\JSON::checkAppEnabled('files_external');
+OCP\JSON::callCheck();
+
 if ($_POST['isPersonal'] == 'true') {
 	OCP\JSON::checkLoggedIn();
 	$isPersonal = true;
-- 
GitLab