diff options
author | Jo-Philipp Wich <jow@openwrt.org> | 2015-10-07 12:24:51 +0200 |
---|---|---|
committer | Jo-Philipp Wich <jow@openwrt.org> | 2015-10-07 12:24:58 +0200 |
commit | 3f29078fb938be66a0eb43bf50819c5f15e6d606 (patch) | |
tree | 496e40ce910a10144d883d37c23bd5ab308423ac /modules/luci-base/luasrc/view | |
parent | 38a9993bd1bf0024639e19a9c25328a9d5d5954e (diff) |
luci-base: protect simpleforms with CSRF tokens
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
Diffstat (limited to 'modules/luci-base/luasrc/view')
-rw-r--r-- | modules/luci-base/luasrc/view/cbi/simpleform.htm | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/modules/luci-base/luasrc/view/cbi/simpleform.htm b/modules/luci-base/luasrc/view/cbi/simpleform.htm index 437a07a8bd..78f5c5a544 100644 --- a/modules/luci-base/luasrc/view/cbi/simpleform.htm +++ b/modules/luci-base/luasrc/view/cbi/simpleform.htm @@ -2,6 +2,7 @@ <form method="post" enctype="multipart/form-data" action="<%=REQUEST_URI%>"> <div> <script type="text/javascript" src="<%=resource%>/cbi.js"></script> + <input type="hidden" name="token" value="<%=token%>" /> <input type="hidden" name="cbi.submit" value="1" /> </div> <% end %> |