diff options
Diffstat (limited to 'app/Controllers/feedController.php')
| -rwxr-xr-x | app/Controllers/feedController.php | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/app/Controllers/feedController.php b/app/Controllers/feedController.php index 4cd5e7369..977143882 100755 --- a/app/Controllers/feedController.php +++ b/app/Controllers/feedController.php @@ -21,6 +21,13 @@ class FreshRSS_feed_Controller extends FreshRSS_ActionController { $token_is_ok = ($token != '' && $token == $token_param); $action = Minz_Request::actionName(); $allow_anonymous_refresh = FreshRSS_Context::systemConf()->allow_anonymous_refresh; + + // Likely coming from bookmarklet, redirect to the login page + if ($action === 'add') { + Minz_Request::forward(['c' => 'auth', 'a' => 'login']); + return; + } + if ($action !== 'actualize' || !($allow_anonymous_refresh || $token_is_ok)) { Minz_Error::error(403); |