perl-CGI-FormMagick/sme10/perl-CGI-FormMagick-0.93-bz10902-csrf-timeout.patch

diff -Nur --no-dereference perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick/Events.pm perl-CGI-FormMagick-0.93/lib/CGI/FormMagick/Events.pm
--- perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick/Events.pm   2021-03-06 01:02:20.026000000 -0500
+++ perl-CGI-FormMagick-0.93/lib/CGI/FormMagick/Events.pm       2021-03-06 15:12:29.451000000 -0500
@@ -83,8 +83,7 @@
         $self->debug_msg("Request method should be POST.")  unless (($self->{cgi}->request_method || '') eq 'POST') ;
         return unless (($self->{cgi}->request_method || '') eq 'POST');
         if ($self->{csrf} and ( ($self->{cgi}->param('csrf_token') || '') ne $self->{cgi}->param('csrf_token_compare')
-           or $self->{cgi}->param('csrf_timestamp') + 120  < time ) ) {
-           # only 3 min to validate form
+           or $self->{cgi}->param('csrf_timestamp') + $self->{'csrfdelay'}  < time ) ) {
            $self->debug_msg("SRF protection blocked request");
             warn "CSRF protection blocked request\n";
             return $self->error($self->localise('CSRF_VALIDATION_FAILURE'));
@@ -146,8 +145,7 @@
     $self->debug_msg("Request method should be POST.")  unless (($self->{cgi}->request_method || '') eq 'POST') ;
     return unless (($self->{cgi}->request_method || '') eq 'POST');
     if ($self->{csrf} and ( ($self->{cgi}->param('csrf_token') || '') ne $self->{cgi}->param('csrf_token_compare')
-       or $self->{cgi}->param('csrf_timestamp') + 120  < time ) ) {
-        # only 3 min to validate form
+       or $self->{cgi}->param('csrf_timestamp') + $self->{'csrfdelay'}  < time ) ) {
         $self->debug_msg("SRF protection blocked request");
         warn "CSRF protection blocked request\n";
         return $self->error($self->localise('CSRF_VALIDATION_FAILURE'));
diff -Nur --no-dereference perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick.pm perl-CGI-FormMagick-0.93/lib/CGI/FormMagick.pm
--- perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick.pm  2021-03-06 01:02:20.026000000 -0500
+++ perl-CGI-FormMagick-0.93/lib/CGI/FormMagick.pm      2021-03-06 15:10:37.562000000 -0500
@@ -183,6 +183,7 @@
     $self->{cgi}        = $args{cgi};
     $self->{debug}      = $args{debug}      || 0;
     $self->{csrf}       = $args{csrf} || 0;
+    $self->{csrfdelay}       = $args{csrfdelay} || 180;
 
     if ($self->{cgi}) {
         if ($args{sessiondir}) {
1	diff -Nur --no-dereference perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick/Events.pm perl-CGI-FormMagick-0.93/lib/CGI/FormMagick/Events.pm
2	--- perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick/Events.pm 2021-03-06 01:02:20.026000000 -0500
3	+++ perl-CGI-FormMagick-0.93/lib/CGI/FormMagick/Events.pm 2021-03-06 15:12:29.451000000 -0500
4	@@ -83,8 +83,7 @@
5	$self->debug_msg("Request method should be POST.") unless (($self->{cgi}->request_method \|\| '') eq 'POST') ;
6	return unless (($self->{cgi}->request_method \|\| '') eq 'POST');
7	if ($self->{csrf} and ( ($self->{cgi}->param('csrf_token') \|\| '') ne $self->{cgi}->param('csrf_token_compare')
8	- or $self->{cgi}->param('csrf_timestamp') + 120 < time ) ) {
9	- # only 3 min to validate form
10	+ or $self->{cgi}->param('csrf_timestamp') + $self->{'csrfdelay'} < time ) ) {
11	$self->debug_msg("SRF protection blocked request");
12	warn "CSRF protection blocked request\n";
13	return $self->error($self->localise('CSRF_VALIDATION_FAILURE'));
14	@@ -146,8 +145,7 @@
15	$self->debug_msg("Request method should be POST.") unless (($self->{cgi}->request_method \|\| '') eq 'POST') ;
16	return unless (($self->{cgi}->request_method \|\| '') eq 'POST');
17	if ($self->{csrf} and ( ($self->{cgi}->param('csrf_token') \|\| '') ne $self->{cgi}->param('csrf_token_compare')
18	- or $self->{cgi}->param('csrf_timestamp') + 120 < time ) ) {
19	- # only 3 min to validate form
20	+ or $self->{cgi}->param('csrf_timestamp') + $self->{'csrfdelay'} < time ) ) {
21	$self->debug_msg("SRF protection blocked request");
22	warn "CSRF protection blocked request\n";
23	return $self->error($self->localise('CSRF_VALIDATION_FAILURE'));
24	diff -Nur --no-dereference perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick.pm perl-CGI-FormMagick-0.93/lib/CGI/FormMagick.pm
25	--- perl-CGI-FormMagick-0.93.old/lib/CGI/FormMagick.pm 2021-03-06 01:02:20.026000000 -0500
26	+++ perl-CGI-FormMagick-0.93/lib/CGI/FormMagick.pm 2021-03-06 15:10:37.562000000 -0500
27	@@ -183,6 +183,7 @@
28	$self->{cgi} = $args{cgi};
29	$self->{debug} = $args{debug} \|\| 0;
30	$self->{csrf} = $args{csrf} \|\| 0;
31	+ $self->{csrfdelay} = $args{csrfdelay} \|\| 180;
32
33	if ($self->{cgi}) {
34	if ($args{sessiondir}) {