Mercurial > p > roundup > code
diff website/issues/html/user.register.html @ 5291:f63a2b15e628
Adding @csrf tokens to all forms using post method.
| author | John Rouillard <rouilj@ieee.org> |
|---|---|
| date | Sun, 24 Sep 2017 21:17:51 -0400 |
| parents | c2d0d3e9099d |
| children | aae0c29ca35d |
line wrap: on
line diff
--- a/website/issues/html/user.register.html Sun Sep 24 21:14:12 2017 -0400 +++ b/website/issues/html/user.register.html Sun Sep 24 21:17:51 2017 -0400 @@ -68,6 +68,8 @@ <input type="hidden" name="@required" value="username,password,address"> <input type="hidden" name="@action" value="register"> <input type="submit" name="submit" value="Register" i18n:attributes="value"> + <input name="@csrf" type="hidden" + tal:attributes="value python:utils.anti_csrf_nonce()"> </td> </tr> </table>