diff options
author | Dan McGee <dan@archlinux.org> | 2010-06-05 12:58:31 -0500 |
---|---|---|
committer | Dan McGee <dan@archlinux.org> | 2010-06-05 12:58:31 -0500 |
commit | bad2825fab9f45f468414ed551bad9d987923600 (patch) | |
tree | 8e91d017ddbe2f28416395cb43f70644d509bd9f /templates | |
parent | 7646f8ea7ce19b404a0e57c85e5dd589b3a53371 (diff) |
Updates for CSRF protection in Django 1.2.X
Signed-off-by: Dan McGee <dan@archlinux.org>
Diffstat (limited to 'templates')
-rw-r--r-- | templates/devel/index.html | 2 | ||||
-rw-r--r-- | templates/devel/profile.html | 2 | ||||
-rw-r--r-- | templates/general_form.html | 2 | ||||
-rw-r--r-- | templates/mirrors/index.html | 2 | ||||
-rw-r--r-- | templates/news/add.html | 2 | ||||
-rw-r--r-- | templates/news/delete.html | 2 | ||||
-rw-r--r-- | templates/packages/details.html | 2 | ||||
-rw-r--r-- | templates/packages/flag.html | 2 | ||||
-rw-r--r-- | templates/packages/search.html | 2 | ||||
-rw-r--r-- | templates/registration/login.html | 2 | ||||
-rw-r--r-- | templates/todolists/todolist_confirm_delete.html | 2 |
11 files changed, 11 insertions, 11 deletions
diff --git a/templates/devel/index.html b/templates/devel/index.html index 662e8246..25429ecf 100644 --- a/templates/devel/index.html +++ b/templates/devel/index.html @@ -60,7 +60,7 @@ </tbody> </table> - <form id="dash-pkg-notify" method="post" action="/devel/notify/"> + <form id="dash-pkg-notify" method="post" action="/devel/notify/">{% csrf_token %} <fieldset> <p><input id="notify" name="notify" type="checkbox" value="yes" {% if user.get_profile.notify %} checked="checked"{% endif %} /> diff --git a/templates/devel/profile.html b/templates/devel/profile.html index 178a59aa..2c1c658d 100644 --- a/templates/devel/profile.html +++ b/templates/devel/profile.html @@ -6,7 +6,7 @@ <h2>Developer Profile</h2> - <form id="edit-profile-form" method="post" action="."> + <form id="edit-profile-form" method="post" action=".">{% csrf_token %} <fieldset> <legend>Username: <strong>{{ user.username }}</strong></legend> {{ form.as_p }} diff --git a/templates/general_form.html b/templates/general_form.html index d499919a..93e73aca 100644 --- a/templates/general_form.html +++ b/templates/general_form.html @@ -8,7 +8,7 @@ {% if description %}{{description}}{% endif %} - <form class="general-form" method="post" action="."> + <form class="general-form" method="post" action=".">{% csrf_token %} <fieldset> {% for field in form %} <p><label>{{field.label}}{% if field.help_text %}:</label><br /> diff --git a/templates/mirrors/index.html b/templates/mirrors/index.html index b347a086..55c172d7 100644 --- a/templates/mirrors/index.html +++ b/templates/mirrors/index.html @@ -13,7 +13,7 @@ Simply replace the contents of <code>/etc/pacman.d/mirrorlist</code> with the generated code.</p> - <form id="list-generator" method="post" action="."> + <form id="list-generator" method="post" action=".">{% csrf_token %} {{ mirrorlist_form.as_p }} <p><label></label> <input type="submit" value="Generate List" /></p> </form> diff --git a/templates/news/add.html b/templates/news/add.html index 38b5b21d..04a55689 100644 --- a/templates/news/add.html +++ b/templates/news/add.html @@ -10,7 +10,7 @@ <h2>News: Add Article</h2> {% endif %} - <form id="newsform" method="post" action="."> + <form id="newsform" method="post" action=".">{% csrf_token %} <fieldset> {{ form.as_p }} </fieldset> diff --git a/templates/news/delete.html b/templates/news/delete.html index 6a2fa1e8..3e3ba95e 100644 --- a/templates/news/delete.html +++ b/templates/news/delete.html @@ -14,7 +14,7 @@ <p>Are you sure?</p> - <form method="post" action="."> + <form method="post" action=".">{% csrf_token %} <input title="Delete this article" id="delete" name="delete" type="submit" value="Delete" /></p> </form> diff --git a/templates/packages/details.html b/templates/packages/details.html index f60324e8..247b6344 100644 --- a/templates/packages/details.html +++ b/templates/packages/details.html @@ -32,7 +32,7 @@ </ul> {% if user.is_authenticated %} - <form id="pkg-action" method="post" action="/packages/update/"> + <form id="pkg-action" method="post" action="/packages/update/">{% csrf_token %} <div><input type="hidden" name="pkgid" value="{{ pkg.id }}" /></div> <p><input title="Adopt this package" type="submit" class="adopt" name="adopt" value="Adopt" /> <input title="Orphan this package" type="submit" class="disown" name="disown" value="Disown" /></p> diff --git a/templates/packages/flag.html b/templates/packages/flag.html index 71d84982..9a5b123b 100644 --- a/templates/packages/flag.html +++ b/templates/packages/flag.html @@ -31,7 +31,7 @@ <p>Please confirm your flag request for {{pkg.pkgname}}:</p> - <form id="flag-pkg-form" method="post" action="."> + <form id="flag-pkg-form" method="post" action=".">{% csrf_token %} <fieldset> {{ form.as_p }} </fieldset> diff --git a/templates/packages/search.html b/templates/packages/search.html index 6a22b7d8..6ed7f95f 100644 --- a/templates/packages/search.html +++ b/templates/packages/search.html @@ -69,7 +69,7 @@ </div> {% endif %} - <form id="pkglist-results-form" method="post" action="/packages/update/"> + <form id="pkglist-results-form" method="post" action="/packages/update/">{% csrf_token %} <table class="results"> <thead> diff --git a/templates/registration/login.html b/templates/registration/login.html index 2f626566..867910ba 100644 --- a/templates/registration/login.html +++ b/templates/registration/login.html @@ -10,7 +10,7 @@ <p class="login-error">Your username and password didn't match. Please try again.</p> {% endif %} - <form id="dev-login-form" method="post" action="."> + <form id="dev-login-form" method="post" action=".">{% csrf_token %} <fieldset> <legend>Enter login credentials</legend> {{ form.as_p }} diff --git a/templates/todolists/todolist_confirm_delete.html b/templates/todolists/todolist_confirm_delete.html index c1e87834..39c9f0da 100644 --- a/templates/todolists/todolist_confirm_delete.html +++ b/templates/todolists/todolist_confirm_delete.html @@ -14,7 +14,7 @@ <p>Are you sure?</p> - <form id="delete-todo-form" method="post" action="."> + <form id="delete-todo-form" method="post" action=".">{% csrf_token %} <p><input type="submit" value="Delete" /></p> </form> |