Mercurial > public > sg101

diff gpp/templates/messages/view.html @ 194:6a5549c2efb5

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Implement #62, add support for CSRF protection.
author Brian Neal <bgneal@gmail.com>
date Sat, 03 Apr 2010 20:00:56 +0000
parents 7ad1f3e77cd9
children daa2916f5b34
line wrap: on
line diff
--- a/gpp/templates/messages/view.html	Sat Apr 03 02:15:04 2010 +0000
+++ b/gpp/templates/messages/view.html	Sat Apr 03 20:00:56 2010 +0000
@@ -21,13 +21,13 @@
 </div>
 {% endif %}
 {% if is_deleted %}
-<form action="{% url messages-undelete msg.id %}" method="post">
+<form action="{% url messages-undelete msg.id %}" method="post">{% csrf_token %}
    {% if box %}<input type="hidden" name="box" value="{{ box }}" />{% endif %}
    <input type="submit" value="Undelete" />
 </form>
 {% else %}
 <a href="{% url messages-reply msg.id %}{% if box %}?box={{ box }}{% endif %}">Reply</a> |
-<form action="{% url messages-delete msg.id %}" method="post" class="messages-button">
+<form action="{% url messages-delete msg.id %}" method="post" class="messages-button">{% csrf_token %}
    {% if box %}<input type="hidden" name="box" value="{{ box }}" />{% endif %}
    <input type="submit" value="Delete" />
 </form>