X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Fclub%2Fwpia%2Fgigi%2FGigi.java;h=00993b52aa06fa889cc4185207ca87778479a2a2;hb=e6aca75e8a6b981e05cedcfbca640aedde615c77;hp=f4e3f2ba6f8b5b022047c987467c4601383bd3f7;hpb=42222135161915d0e6e05264b3b3aa652af599d0;p=gigi.git

diff --git a/src/club/wpia/gigi/Gigi.java b/src/club/wpia/gigi/Gigi.java
index f4e3f2ba..00993b52 100644
--- a/src/club/wpia/gigi/Gigi.java
+++ b/src/club/wpia/gigi/Gigi.java
@@ -47,7 +47,6 @@ import club.wpia.gigi.pages.Page;
 import club.wpia.gigi.pages.PasswordResetPage;
 import club.wpia.gigi.pages.RootCertPage;
 import club.wpia.gigi.pages.StaticPage;
-import club.wpia.gigi.pages.TestSecure;
 import club.wpia.gigi.pages.Verify;
 import club.wpia.gigi.pages.account.ChangePasswordPage;
 import club.wpia.gigi.pages.account.FindAgentAccess;
@@ -67,6 +66,7 @@ import club.wpia.gigi.pages.admin.support.SupportEnterTicketPage;
 import club.wpia.gigi.pages.admin.support.SupportUserDetailsPage;
 import club.wpia.gigi.pages.error.AccessDenied;
 import club.wpia.gigi.pages.error.PageNotFound;
+import club.wpia.gigi.pages.main.KeyCompromisePage;
 import club.wpia.gigi.pages.main.RegisterPage;
 import club.wpia.gigi.pages.orga.CreateOrgPage;
 import club.wpia.gigi.pages.orga.ViewOrgPage;
@@ -141,17 +141,17 @@ public final class Gigi extends HttpServlet {
             putPage(StatisticsRoles.PATH, new StatisticsRoles(), mainMenu);
             putPage("/about", new AboutPage(), mainMenu);
             putPage(RegisterPage.PATH, new RegisterPage(), mainMenu);
+            putPage(KeyCompromisePage.PATH, new KeyCompromisePage(), mainMenu);
 
-            putPage("/secure", new TestSecure(), null);
             putPage(Verify.PATH, new Verify(), null);
             Menu certificates = createMenu("Certificates");
             putPage(Certificates.PATH + "/*", new Certificates(false), certificates);
             putPage(CertificateAdd.PATH, new CertificateAdd(), certificates);
-            putPage(MailOverview.DEFAULT_PATH, new MailOverview(), certificates);
-            putPage(DomainOverview.PATH, new DomainOverview(), certificates);
-            putPage(EditDomain.PATH + "*", new EditDomain(), null);
 
             Menu wot = createMenu("Verification");
+            putPage(MailOverview.DEFAULT_PATH, new MailOverview(), wot);
+            putPage(DomainOverview.PATH, new DomainOverview(), wot);
+            putPage(EditDomain.PATH + "*", new EditDomain(), null);
             putPage(VerifyPage.PATH + "/*", new VerifyPage(), wot);
             putPage(Points.PATH, new Points(false), wot);
             putPage(RequestTTPPage.PATH, new RequestTTPPage(), wot);
@@ -393,7 +393,12 @@ public final class Gigi extends HttpServlet {
                 resp.sendError(403);
                 return;
             }
-            if (p.beforeTemplate(req, resp)) {
+            try {
+                if (p.beforeTemplate(req, resp)) {
+                    return;
+                }
+            } catch (CSRFException e) {
+                resp.sendError(500, "CSRF invalid");
                 return;
             }
             HashMap<String, Object> vars = new HashMap<String, Object>();