From: Jakub Vrana <jakub@vrana.cz>
Date: Sun, 6 Apr 2025 14:41:25 +0000 (+0200)
Subject: Update comment
X-Git-Tag: v5.2.0~40
X-Git-Url: https://git.joonet.de/?a=commitdiff_plain;h=833fa22e3fe58fe48ab2eb19f6c24197327de0da;p=adminer.git

Update comment
---

diff --git a/plugins/config.php b/plugins/config.php
index 5e9e3bfd..f5481f37 100644
--- a/plugins/config.php
+++ b/plugins/config.php
@@ -12,7 +12,7 @@ class AdminerConfig extends Adminer\Plugin {
 		static $called; // this function is called from page_header() and it also calls page_header()
 		if (isset($_GET["config"]) && !$called && Adminer\connection()) {
 			$called = true;
-			if ($_GET["config"]) { // using $_GET allows sharing links between devices but doesn't protect against CSRF
+			if ($_GET["config"]) { // using $_GET allows sharing links between devices but doesn't protect against same-site RF; CSRF is protected by SameSite cookies
 				Adminer\save_settings($_GET["config"], "adminer_config");
 				Adminer\redirect(null, $this->lang('Configuration saved.'));
 			}