perl-CGI-FormMagick/sme10/perl-CGI-FormMagick-0.93-bz10902-csrf-timeout.patch

diff -Nur --no-dereference perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick/Events.pm perl-CGI-FormMagick-0.93/lib/CGI/FormMagick/Events.pm
--- perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick/Events.pm   2021-03-06 01:02:20.026000000 -0500
+++ perl-CGI-FormMagick-0.93/lib/CGI/FormMagick/Events.pm       2021-03-06 15:12:29.451000000 -0500
@@ -83,8 +83,7 @@
         $self->debug_msg("Request method should be POST.")  unless (($self->{cgi}->request_method || '') eq 'POST') ;
         return unless (($self->{cgi}->request_method || '') eq 'POST');
         if ($self->{csrf} and ( ($self->{cgi}->param('csrf_token') || '') ne $self->{cgi}->param('csrf_token_compare')
-           or $self->{cgi}->param('csrf_timestamp') + 120  < time ) ) {
-           # only 3 min to validate form
+           or $self->{cgi}->param('csrf_timestamp') + $self->{'csrfdelay'}  < time ) ) {
            $self->debug_msg("SRF protection blocked request");
             warn "CSRF protection blocked request\n";
             return $self->error($self->localise('CSRF_VALIDATION_FAILURE'));
@@ -146,8 +145,7 @@
     $self->debug_msg("Request method should be POST.")  unless (($self->{cgi}->request_method || '') eq 'POST') ;
     return unless (($self->{cgi}->request_method || '') eq 'POST');
     if ($self->{csrf} and ( ($self->{cgi}->param('csrf_token') || '') ne $self->{cgi}->param('csrf_token_compare')
-       or $self->{cgi}->param('csrf_timestamp') + 120  < time ) ) {
-        # only 3 min to validate form
+       or $self->{cgi}->param('csrf_timestamp') + $self->{'csrfdelay'}  < time ) ) {
         $self->debug_msg("SRF protection blocked request");
         warn "CSRF protection blocked request\n";
         return $self->error($self->localise('CSRF_VALIDATION_FAILURE'));
diff -Nur --no-dereference perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick.pm perl-CGI-FormMagick-0.93/lib/CGI/FormMagick.pm
--- perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick.pm  2021-03-06 01:02:20.026000000 -0500
+++ perl-CGI-FormMagick-0.93/lib/CGI/FormMagick.pm      2021-03-06 15:10:37.562000000 -0500
@@ -183,6 +183,7 @@
     $self->{cgi}        = $args{cgi};
     $self->{debug}      = $args{debug}      || 0;
     $self->{csrf}       = $args{csrf} || 0;
+    $self->{csrfdelay}       = $args{csrfdelay} || 180;
 
     if ($self->{cgi}) {
         if ($args{sessiondir}) {
1	jpp	1.2	diff -Nur --no-dereference perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick/Events.pm perl-CGI-FormMagick-0.93/lib/CGI/FormMagick/Events.pm
2			--- perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick/Events.pm 2021-03-06 01:02:20.026000000 -0500
3			+++ perl-CGI-FormMagick-0.93/lib/CGI/FormMagick/Events.pm 2021-03-06 15:12:29.451000000 -0500
4			@@ -83,8 +83,7 @@
5			$self->debug_msg("Request method should be POST.") unless (($self->{cgi}->request_method \|\| '') eq 'POST') ;
6			return unless (($self->{cgi}->request_method \|\| '') eq 'POST');
7			if ($self->{csrf} and ( ($self->{cgi}->param('csrf_token') \|\| '') ne $self->{cgi}->param('csrf_token_compare')
8			- or $self->{cgi}->param('csrf_timestamp') + 120 < time ) ) {
9			- # only 3 min to validate form
10			+ or $self->{cgi}->param('csrf_timestamp') + $self->{'csrfdelay'} < time ) ) {
11			$self->debug_msg("SRF protection blocked request");
12			warn "CSRF protection blocked request\n";
13			return $self->error($self->localise('CSRF_VALIDATION_FAILURE'));
14			@@ -146,8 +145,7 @@
15			$self->debug_msg("Request method should be POST.") unless (($self->{cgi}->request_method \|\| '') eq 'POST') ;
16			return unless (($self->{cgi}->request_method \|\| '') eq 'POST');
17			if ($self->{csrf} and ( ($self->{cgi}->param('csrf_token') \|\| '') ne $self->{cgi}->param('csrf_token_compare')
18			- or $self->{cgi}->param('csrf_timestamp') + 120 < time ) ) {
19			- # only 3 min to validate form
20			+ or $self->{cgi}->param('csrf_timestamp') + $self->{'csrfdelay'} < time ) ) {
21			$self->debug_msg("SRF protection blocked request");
22			warn "CSRF protection blocked request\n";
23			return $self->error($self->localise('CSRF_VALIDATION_FAILURE'));
24			diff -Nur --no-dereference perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick.pm perl-CGI-FormMagick-0.93/lib/CGI/FormMagick.pm
25			--- perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick.pm 2021-03-06 01:02:20.026000000 -0500
26			+++ perl-CGI-FormMagick-0.93/lib/CGI/FormMagick.pm 2021-03-06 15:10:37.562000000 -0500
27			@@ -183,6 +183,7 @@
28			$self->{cgi} = $args{cgi};
29			$self->{debug} = $args{debug} \|\| 0;
30			$self->{csrf} = $args{csrf} \|\| 0;
31			+ $self->{csrfdelay} = $args{csrfdelay} \|\| 180;
32
33			if ($self->{cgi}) {
34			if ($args{sessiondir}) {