Merge pull request #3596 in SW/shopware from sw-15029/5.2/whitelist-swagupdate-controller to 5.2

* commit '48e882a79a0122468ef05edf7966c280d1b9270a':
  SW-15029 - Whitelist SwagUpdate controller actions

Author: bcremer

engine/Shopware/Plugins/Default/Backend/SwagUpdate/Controllers/Backend/SwagUpdate.php

@@ -23,6 +23,7 @@
  */
 
 use Psr\Log\LoggerInterface;
+use Shopware\Components\CSRFWhitelistAware;
 use Shopware\Components\Random;
 use ShopwarePlugins\SwagUpdate\Components\Checks\EmotionTemplateCheck;
 use ShopwarePlugins\SwagUpdate\Components\Checks\IonCubeLoaderCheck;
@@ -47,7 +48,7 @@
  * @package   Shopware\Controllers\Backend\SwagUpdate
  * @copyright Copyright (c) shopware AG (http://www.shopware.de)
  */
-class Shopware_Controllers_Backend_SwagUpdate extends Shopware_Controllers_Backend_ExtJs
+class Shopware_Controllers_Backend_SwagUpdate extends Shopware_Controllers_Backend_ExtJs implements CSRFWhitelistAware
 {
     /**
      * Cache key for update response
@@ -576,4 +577,16 @@ private function getUserLanguage(stdClass $user)
 
         return substr($locale, 0, 2);
     }
+
+    /**
+     * Returns a list with actions which should not be validated for CSRF protection
+     *
+     * @return string[]
+     */
+    public function getWhitelistedCSRFActions()
+    {
+        return [
+            'startUpdate'
+        ];
+    }
 }