webui login, reload page to prevent csrf token invalidation. just a simple test for something discussed with @fichtner, might be reverted later if deemed impractical.

2026-03-14 00:24:40 +00:00 · 2019-04-08 17:49:35 +02:00 · 2019-04-08 17:49:35 +02:00 · c22ebec1a9
commit c22ebec1a9
parent 92f5c81100
1 changed files with 8 additions and 1 deletions
--- a/src/etc/inc/authgui.inc
+++ b/src/etc/inc/authgui.inc
@ -318,7 +318,14 @@ function display_login_form($Login_Error)
 <?php endif ?>

    <!--[if lt IE 9]><script src="//cdnjs.cloudflare.com/ajax/libs/html5shiv/3.7.2/html5shiv.min.js"></script><![endif]-->
-
+    <script>
+      $( document ).ready(function() {
+          // force reload every hour to prevent csrf token invalidation.
+          setTimeout(function(){
+              window.location.reload(true);
+          }, 3600000);
+      });
+    </script>
  </head>
  <body class="page-login">