aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorDaniel Schadt <kingdread@gmx.de>2022-12-05 23:26:12 +0100
committerDaniel Schadt <kingdread@gmx.de>2022-12-05 23:26:12 +0100
commit019ca1100b09bd98c27ec90998906e21d360ae0a (patch)
tree352dc8fbdbee5e30d02a12020a7156fb8db70c2a
parenta95a9768135bcaaa856a7cca98409a49250c96fa (diff)
downloadfietsboek-019ca1100b09bd98c27ec90998906e21d360ae0a.tar.gz
fietsboek-019ca1100b09bd98c27ec90998906e21d360ae0a.tar.bz2
fietsboek-019ca1100b09bd98c27ec90998906e21d360ae0a.zip
fix CSRF issue for account creation
We forgot to include the CSRF token here.
-rw-r--r--fietsboek/templates/create_account.jinja22
1 files changed, 2 insertions, 0 deletions
diff --git a/fietsboek/templates/create_account.jinja2 b/fietsboek/templates/create_account.jinja2
index 17f96a9..d7b4177 100644
--- a/fietsboek/templates/create_account.jinja2
+++ b/fietsboek/templates/create_account.jinja2
@@ -1,8 +1,10 @@
{% extends "layout.jinja2" %}
+{% import "util.jinja2" as util with context %}
{% block content %}
<div class="container">
<h1>{{ _("page.create_account.title") }}</h1>
<form method="POST" action="{{ request.route_path('create-account') }}" class="needs-validation" novalidate>
+ {{ util.hidden_csrf_input() }}
<div class="row mb-3 justify-content-center">
<div class="col-lg-5">
<div class="form-floating">