From 016b478380654b6426ff049a4c91206fab0c767a Mon Sep 17 00:00:00 2001
From: rudolfkoenig <>
Date: Mon, 6 Feb 2017 14:04:27 +0000
Subject: [PATCH] 01_FHEMWEB.pm: csrf cleaning

git-svn-id: https://svn.fhem.de/fhem/trunk@13344 2b470e98-0d58-463d-a4d8-8e2adae1ed80
---
 fhem/FHEM/01_FHEMWEB.pm | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)

diff --git a/fhem/FHEM/01_FHEMWEB.pm b/fhem/FHEM/01_FHEMWEB.pm
index 0607443f4..b1f71776f 100755
--- a/fhem/FHEM/01_FHEMWEB.pm
+++ b/fhem/FHEM/01_FHEMWEB.pm
@@ -1056,7 +1056,7 @@ FW_addLinks($)
   foreach my $line (@lines) {
     $ret .= "\n" if( $ret );
     foreach my $word ( split( / /, $line ) ) {
-      $word = "<a href=\"$FW_ME$FW_subdir?detail=$word$FW_CSRF\">$word</a>"
+      $word = "<a href=\"$FW_ME$FW_subdir?detail=$word\">$word</a>"
             if( $defs{$word} );
       $ret .= "$word ";
     }
@@ -2259,7 +2259,8 @@ FW_pH(@)
   my ($link, $txt, $td, $class, $doRet,$nonl) = @_;
   my $ret;
 
-  $link = ($link =~ m,^/,) ? "$link$FW_CSRF" : "$FW_ME$FW_subdir?$link$FW_CSRF";
+  $link .= $FW_CSRF if($link =~ m/cmd/);
+  $link = ($link =~ m,^/,) ? $link : "$FW_ME$FW_subdir?$link";
   
   # Using onclick, as href starts safari in a webapp.
   # Known issue: the pointer won't change