[damned-lies] Fix csrf protection on reset password form

From: Claude Paroz <claudep src gnome org>
To: commits-list gnome org
Cc:
Subject: [damned-lies] Fix csrf protection on reset password form
Date: Fri, 4 Jun 2010 06:55:03 +0000 (UTC)

commit 8e40d34b84bdbbb21322ee6bddddb9e9a5a66659
Author: Claude Paroz <claude 2xlibre net>
Date:   Fri Jun 4 08:52:26 2010 +0200

    Fix csrf protection on reset password form
    
    Mandatory with Django 1.2. Fixes #620427

 templates/registration/password_reset_form.html |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)
---
diff --git a/templates/registration/password_reset_form.html b/templates/registration/password_reset_form.html
index 880c324..89c33de 100644
--- a/templates/registration/password_reset_form.html
+++ b/templates/registration/password_reset_form.html
@@ -10,7 +10,7 @@
 
 <p>{% trans "Forgotten your password? Enter your e-mail address below, and we'll e-mail instructions for setting a new one." %}</p>
 
-<form action="" method="post">
+<form action="" method="post">{% csrf_token %}
 {% if form.email.errors %}{{ form.email.errors }}{% endif %}
 <p><label for="id_email">{% trans 'E-mail address:' %}</label> {{ form.email }} <input type="submit" value="{% trans 'Reset my password' %}" /></p>
 </form>

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]