Commit fd0b5516 authored by Nick Martynenko's avatar Nick Martynenko Committed by Matija Obreza
Browse files

CSRF

parent 77a3b7c6
...@@ -66,6 +66,8 @@ ...@@ -66,6 +66,8 @@
</a> </a>
</div> </div>
</div> </div>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form> </form>
<content tag="javascript"> <content tag="javascript">
......
...@@ -61,6 +61,8 @@ ...@@ -61,6 +61,8 @@
<div class="form-actions"> <div class="form-actions">
<input class="btn btn-primary" type="submit" value="<spring:message code="request.start-request" />" /> <input class="btn btn-primary" type="submit" value="<spring:message code="request.start-request" />" />
</div> </div>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form> </form>
</c:if> </c:if>
......
...@@ -29,6 +29,8 @@ ...@@ -29,6 +29,8 @@
<div class="form-actions"> <div class="form-actions">
<input class="btn btn-primary" type="submit" value="<spring:message code="request.start-request" />" /> <input class="btn btn-primary" type="submit" value="<spring:message code="request.start-request" />" />
</div> </div>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form> </form>
</body> </body>
......
...@@ -64,6 +64,8 @@ ...@@ -64,6 +64,8 @@
<a href="<c:url value="/sel/clear" />"><button class="btn" type="button">Clear list</button></a> <a href="<c:url value="/sel/clear" />"><button class="btn" type="button">Clear list</button></a>
<a href="<c:url value="/sel/map" />"><button class="btn" type="button">Display on map</button></a> <a href="<c:url value="/sel/map" />"><button class="btn" type="button">Display on map</button></a>
</div> </div>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form> </form>
</c:if> </c:if>
...@@ -81,6 +83,8 @@ ...@@ -81,6 +83,8 @@
<div class="form-actions clearfix"> <div class="form-actions clearfix">
<input type="submit" class="btn" value="<spring:message code="selection.add-many" />" /> <input type="submit" class="btn" value="<spring:message code="selection.add-many" />" />
</div> </div>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form> </form>
</c:if> </c:if>
</body> </body>
......
...@@ -26,6 +26,8 @@ ...@@ -26,6 +26,8 @@
</a> </a>
</div> </div>
</div> </div>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form> </form>
</body> </body>
</html> </html>
\ No newline at end of file
...@@ -45,6 +45,8 @@ ...@@ -45,6 +45,8 @@
</a> </a>
</div> </div>
</div> </div>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form> </form>
</body> </body>
</html> </html>
\ No newline at end of file
...@@ -21,6 +21,8 @@ ...@@ -21,6 +21,8 @@
<input type="submit" value="<spring:message code="userprofile.email.send" />" class="btn btn-primary" /> <input type="submit" value="<spring:message code="userprofile.email.send" />" class="btn btn-primary" />
</div> </div>
</div> </div>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form> </form>
</body> </body>
......
...@@ -28,6 +28,8 @@ ...@@ -28,6 +28,8 @@
<input type="submit" value="<spring:message code="userprofile.password" />" class="btn btn-primary" /> <input type="submit" value="<spring:message code="userprofile.password" />" class="btn btn-primary" />
</div> </div>
</div> </div>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form> </form>
</body> </body>
</html> </html>
\ No newline at end of file
...@@ -25,6 +25,8 @@ ...@@ -25,6 +25,8 @@
<spring:message code="validate.email.invalid.key"/> <spring:message code="validate.email.invalid.key"/>
</div> </div>
</c:if> </c:if>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form> </form>
......
...@@ -32,6 +32,8 @@ ...@@ -32,6 +32,8 @@
<input type="submit" value="<spring:message code="save"/>" class="btn btn-primary" /> <a href="<c:url value="/wiews/${faoInstitute.code.toLowerCase()}" />" class="btn btn-default"> <spring:message code="cancel" /> <input type="submit" value="<spring:message code="save"/>" class="btn btn-primary" /> <a href="<c:url value="/wiews/${faoInstitute.code.toLowerCase()}" />" class="btn btn-default"> <spring:message code="cancel" />
</a> </a>
<!-- CSRF protection -->
<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}"/>
</form> </form>
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment