fix security problems in draft handling. fixes #3565

author: Andreas Gohr <andi@splitbrain.org> 2021-12-17 23:22:25 +0100
committer: Andreas Gohr <andi@splitbrain.org> 2021-12-17 23:22:25 +0100
commit: 242015942326628da1d53d1303b4d2a900b747b8 (patch)
tree: 9a6764fe7b85c90f3e98d36ae08f13a322f3f767 /lib/scripts
parent: ecad51dd492a107c65ae1265bcca591769433e6c (diff)
download: dokuwiki-242015942326628da1d53d1303b4d2a900b747b8.tar.gz
dokuwiki-242015942326628da1d53d1303b4d2a900b747b8.zip
1 files changed, 2 insertions, 1 deletions
diff --git a/lib/scripts/edit.js b/lib/scripts/edit.js
index 02c1ddfce..2253d05cf 100644
--- a/lib/scripts/edit.js
+++ b/lib/scripts/edit.js
@@ -210,7 +210,8 @@ function deleteDraft() {
     jQuery.post(DOKU_BASE + 'lib/exe/ajax.php',
         {
             call: 'draftdel',
-            id: $dwform.find('input[name=id]').val()
+            id: $dwform.find('input[name=id]').val(),
+            sectok: $dwform.find('input[name=sectok]').val()
         }
     );
 }
author	Andreas Gohr <andi@splitbrain.org>	2021-12-17 23:22:25 +0100
committer	Andreas Gohr <andi@splitbrain.org>	2021-12-17 23:22:25 +0100
commit	242015942326628da1d53d1303b4d2a900b747b8 (patch)
tree	9a6764fe7b85c90f3e98d36ae08f13a322f3f767 /lib/scripts
parent	ecad51dd492a107c65ae1265bcca591769433e6c (diff)
download	dokuwiki-242015942326628da1d53d1303b4d2a900b747b8.tar.gz dokuwiki-242015942326628da1d53d1303b4d2a900b747b8.zip