From 416d5a12f8e55cef0c83b0a959dc407af250c0fb Mon Sep 17 00:00:00 2001
From: ntimo <git@nowitzki.me>
Date: Thu, 3 Oct 2019 15:06:08 +0200
Subject: [PATCH] [API] Unset POST when only GET is allowed

---
 data/web/json_api.php | 1 +
 1 file changed, 1 insertion(+)

diff --git a/data/web/json_api.php b/data/web/json_api.php
index 2be9dbdb..64d6304b 100644
--- a/data/web/json_api.php
+++ b/data/web/json_api.php
@@ -221,6 +221,7 @@ if (isset($_SESSION['mailcow_cc_role']) || isset($_SESSION['pending_mailcow_cc_u
               'type' => 'error',
               'msg' => 'only GET method is allowed'
           ));
+          unset($_POST);
           die();
         }
         switch ($category) {