From 833fa22e3fe58fe48ab2eb19f6c24197327de0da Mon Sep 17 00:00:00 2001
From: Jakub Vrana <jakub@vrana.cz>
Date: Sun, 6 Apr 2025 16:41:25 +0200
Subject: [PATCH] Update comment

---
 plugins/config.php | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/config.php b/plugins/config.php
index 5e9e3bfd..f5481f37 100644
--- a/plugins/config.php
+++ b/plugins/config.php
@@ -12,7 +12,7 @@ class AdminerConfig extends Adminer\Plugin {
 		static $called; // this function is called from page_header() and it also calls page_header()
 		if (isset($_GET["config"]) && !$called && Adminer\connection()) {
 			$called = true;
-			if ($_GET["config"]) { // using $_GET allows sharing links between devices but doesn't protect against CSRF
+			if ($_GET["config"]) { // using $_GET allows sharing links between devices but doesn't protect against same-site RF; CSRF is protected by SameSite cookies
 				Adminer\save_settings($_GET["config"], "adminer_config");
 				Adminer\redirect(null, $this->lang('Configuration saved.'));
 			}