diff options
author | John 'Warthog9' Hawley <warthog9@kernel.org> | 2010-06-24 09:38:06 -0700 |
---|---|---|
committer | Jeremy Kerr <jk@ozlabs.org> | 2010-08-10 11:57:56 +0800 |
commit | 482ba5ac5e2fb71a8ae26ae9d5c5c72c33c35b23 (patch) | |
tree | 30af42f92bc0143daf7fb17fde0d6e8043ace1ea /templates/patchwork/patch-list.html | |
parent | 6f02427039f0a80484f99ebd4595e2ecdfc907bb (diff) | |
download | patchwork-482ba5ac5e2fb71a8ae26ae9d5c5c72c33c35b23.tar.bz2 patchwork-482ba5ac5e2fb71a8ae26ae9d5c5c72c33c35b23.tar.xz |
templates: Add CSRF (cross-site request forgery) values to form posts
This is a fairly simple patch, basically it does what the error message
told me to do:
"add In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL."
Signed-off-by: John 'Warthog9' Hawley <warthog9@kernel.org>
Diffstat (limited to 'templates/patchwork/patch-list.html')
-rw-r--r-- | templates/patchwork/patch-list.html | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/templates/patchwork/patch-list.html b/templates/patchwork/patch-list.html index bc9abe9..fe4d606 100644 --- a/templates/patchwork/patch-list.html +++ b/templates/patchwork/patch-list.html @@ -12,6 +12,7 @@ {% if order.editable %} <td class="patchlistreorder"> <form method="post" id="reorderform"> + {% csrf_token %} <input type="hidden" name="form" value="reorderform"/> <input type="hidden" name="order_start" value="0"/> <span id="reorderhelp"></span> @@ -33,6 +34,7 @@ {% endif %} <form method="post"> +{% csrf_token %} <input type="hidden" name="form" value="patchlistform"/> <input type="hidden" name="project" value="{{project.id}}"/> <table class="patchlist" id="patchlist"> |