From 27fe468868ababfb7d4d1350246865ffb7347f44 Mon Sep 17 00:00:00 2001
From: Isaac Connor <isaac@zoneminder.com>
Date: Wed, 9 Aug 2017 11:15:00 -0400
Subject: [PATCH] Don't do csrf for view=video because the output buffering
 will make it run out of ram

---
 web/index.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/web/index.php b/web/index.php
index 6673b3079..69bea52ee 100644
--- a/web/index.php
+++ b/web/index.php
@@ -194,7 +194,7 @@ isset($view) || $view = NULL;
 isset($request) || $request = NULL;
 isset($action) || $action = NULL;
 
-if ( ZM_ENABLE_CSRF_MAGIC && $action != 'login' && $view != 'view_video' && $request != 'control' ) {
+if ( ZM_ENABLE_CSRF_MAGIC && $action != 'login' && $view != 'view_video' && $view != 'video' && $request != 'control' ) {
   require_once( 'includes/csrf/csrf-magic.php' );
   Logger::Debug("Calling csrf_check with the following values: \$request = \"$request\", \$view = \"$view\", \$action = \"$action\"");
   csrf_check();