🧑‍💻 ignore csrf check when not in production

2024-07-24 16:57:27 +02:00 · 2024-07-24 16:57:27 +02:00 · a794127f5f
commit a794127f5f
parent 6dbf54e35b
3 changed files with 3 additions and 3 deletions
--- a/api/newsletter/subscribe.php
+++ b/api/newsletter/subscribe.php
@ -6,7 +6,7 @@
 	
 	// CHECK CSRF PROTECTION //
 	$x_cookieless_csrf_protection = getallheaders()["x-cookieless-csrf-protection"] ?? null;
-	if($x_cookieless_csrf_protection !== "42"){
+	if(\Flake\Env::IS_PRODUCTION and $x_cookieless_csrf_protection !== "42"){
 		// show an excuse page
 		Excuse::show("invalid_csrf_token");
 	}
--- a/api/newsletter/unsubscribe.php
+++ b/api/newsletter/unsubscribe.php
@ -6,7 +6,7 @@
 	
 	// CHECK CSRF PROTECTION //
 	$x_cookieless_csrf_protection = getallheaders()["x-cookieless-csrf-protection"] ?? null;
-	if($x_cookieless_csrf_protection !== "42"){
+	if(\Flake\Env::IS_PRODUCTION and $x_cookieless_csrf_protection !== "42"){
 		// show an excuse page
 		Excuse::show("invalid_csrf_token");
 	}
--- a/api/newsletter/verify.php
+++ b/api/newsletter/verify.php
@ -5,7 +5,7 @@
 	
 	// CHECK CSRF PROTECTION //
 	$x_cookieless_csrf_protection = getallheaders()["x-cookieless-csrf-protection"] ?? null;
-	if($x_cookieless_csrf_protection !== "42"){
+	if(\Flake\Env::IS_PRODUCTION and $x_cookieless_csrf_protection !== "42"){
 		// show an excuse page
 		Excuse::show("invalid_csrf_token");
 	}