diff options
Diffstat (limited to 'app/Controllers/authController.php')
| -rw-r--r-- | app/Controllers/authController.php | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/app/Controllers/authController.php b/app/Controllers/authController.php index 9bad837f9..4de8d01f1 100644 --- a/app/Controllers/authController.php +++ b/app/Controllers/authController.php @@ -223,9 +223,13 @@ class FreshRSS_auth_Controller extends FreshRSS_ActionController { * This action removes all accesses of the current user. */ public function logoutAction(): void { - invalidateHttpCache(); - FreshRSS_Auth::removeAccess(); - Minz_Request::good(_t('feedback.auth.logout.success'), [ 'c' => 'index', 'a' => 'index' ]); + if (Minz_Request::isPost()) { + invalidateHttpCache(); + FreshRSS_Auth::removeAccess(); + Minz_Request::good(_t('feedback.auth.logout.success'), [ 'c' => 'index', 'a' => 'index' ]); + } else { + Minz_Error::error(403); + } } /** |