CRSF protection on deletes

2025-12-12 14:23:38 +00:00 · 2018-03-22 21:21:57 -04:00
parent e920c8e9d2
commit ab370b6ca4
4 changed files with 30 additions and 26 deletions
--- a/src/Admin/Controllers/UsersController.cs
+++ b/src/Admin/Controllers/UsersController.cs
@@ -77,6 +77,8 @@ namespace Bit.Admin.Controllers
            return RedirectToAction("Edit", new { id });
        }

+        [HttpPost]
+        [ValidateAntiForgeryToken]
        public async Task<IActionResult> Delete(Guid id)
        {
            var user = await _userRepository.GetByIdAsync(id);