From 0fa6129958d7b2add26f733dba925c53db4f5e06 Mon Sep 17 00:00:00 2001
From: Zehir <zehir@zorim.fr>
Date: Mon, 6 May 2024 22:15:01 +0200
Subject: [PATCH] Remove referer filter on deletePassword endpoint (#7749)

---
 rest_configuration.cpp | 8 +-------
 1 file changed, 1 insertion(+), 7 deletions(-)

diff --git a/rest_configuration.cpp b/rest_configuration.cpp
index eb0d748948..02c260d35a 100644
--- a/rest_configuration.cpp
+++ b/rest_configuration.cpp
@@ -2727,16 +2727,10 @@ int DeRestPluginPrivate::changePassword(const ApiRequest &req, ApiResponse &rsp)
  */
 int DeRestPluginPrivate::deletePassword(const ApiRequest &req, ApiResponse &rsp)
 {
-    // reset only allowed for certain referers
     bool ok = true;
-    QString referer = req.hdr.value(QLatin1String("Referer"));
-    if (referer.isEmpty() || !(referer.contains(QLatin1String("login.html")) || referer.contains(QLatin1String("login2.html"))))
-    {
-        ok = false;
-    }
 
     // reset only allowed within first 10 minutes after startup
-    if (ok && getUptime() > 600)
+    if (getUptime() > 600)
     {
         ok = false;
     }