Do not use multipart forms where possible

* Pass csrf token as parameter to multipart form
author: Vitaly Takmazov 2022-12-20 02:21:22 +0300
committer: Vitaly Takmazov 2022-12-20 02:21:22 +0300
commit: f0e10dc93f400e8ba979760a1c7af9d6e53cd1ef (patch)
tree: f5acdbc7137bcb2622fc0bac4512649e9fa3d1a0 /src/main/resources/templates/views/settings_about.html
parent: 95b44e16a48c32b7e78a42cacb7a1dbaa41ce272 (diff)
1 files changed, 1 insertions, 2 deletions
diff --git a/src/main/resources/templates/views/settings_about.html b/src/main/resources/templates/views/settings_about.html
index 94cd9058..846a3d11 100644
--- a/src/main/resources/templates/views/settings_about.html
+++ b/src/main/resources/templates/views/settings_about.html
@@ -1,8 +1,7 @@
 {% extends "layouts/default" %}
 {% block content %}
 <article>
-    <form action="/settings" method="POST" enctype="multipart/form-data">
-        <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" />
+    <form action="/settings?{{_csrf.parameterName}}={{_csrf.token}}" method="POST" enctype="multipart/form-data">
         <p>Full name: <input type="text" name="fullname" value="{{ userinfo.fullName }}"/></p>
         <p>Country: <input type="text" name="country" value="{{ userinfo.country }}"/></p>
         <p>URL: <input type="text" name="url" value="{{ userinfo.url }}" size="32"/><br/>
author	Vitaly Takmazov	2022-12-20 02:21:22 +0300
committer	Vitaly Takmazov	2022-12-20 02:21:22 +0300
commit	f0e10dc93f400e8ba979760a1c7af9d6e53cd1ef (patch)
tree	f5acdbc7137bcb2622fc0bac4512649e9fa3d1a0 /src/main/resources/templates/views/settings_about.html
parent	95b44e16a48c32b7e78a42cacb7a1dbaa41ce272 (diff)