diff options
| author |  Vitaly Takmazov | 2022-12-20 16:58:42 +0300 |
|---|---|---|
| committer | Vitaly Takmazov | 2022-12-20 16:58:42 +0300 |
| commit | 1d1924a5c85775721a89378ca39a712f336b8f74 (patch) | |
| tree | 8edf5478e0bccb15b69288766fe1efc9e02e5218 /src/main/resources/templates/views/settings_main.html | |
| parent | f0e10dc93f400e8ba979760a1c7af9d6e53cd1ef (diff) | |
Disable CSRF entirely
Diffstat (limited to 'src/main/resources/templates/views/settings_main.html')
| -rw-r--r-- | src/main/resources/templates/views/settings_main.html | 17 |
1 files changed, 4 insertions, 13 deletions
diff --git a/src/main/resources/templates/views/settings_main.html b/src/main/resources/templates/views/settings_main.html index c819177e..0c0853f5 100644 --- a/src/main/resources/templates/views/settings_main.html +++ b/src/main/resources/templates/views/settings_main.html @@ -6,7 +6,6 @@ <h2 style="color: red; padding: 20px;">Verify your account by adding email or social account</h2> {% endif %} <form action="/settings" method="POST"> - <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" /> <fieldset> <legend>Notification options</legend> <p><input type="checkbox" name="jnotify" value="1" {% if notify_options.repliesEnabled %} @@ -22,8 +21,7 @@ <legend style="background: url(/durov.png) no-repeat; padding-left: 58px; line-height: 48px; background-size: contain;"> Telegram</legend> {% if telegram_name is not empty %} - <form action="/settings" method="post"> - <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" /> + <form action="/settings" method="POST"> <div>Telegram: <b>{{ telegram_name }}</b> — <input type="hidden" name="page" value="telegram-del"/> <input type="submit" value=" Disable " {% if not beans.userServiceImpl.canDeleteTelegramUser(visitor) %}disabled="disabled"{% endif %} class="Button" /> @@ -36,7 +34,6 @@ </fieldset> {% if jids | length > 0 %} <form action="/settings" method="POST"> - <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" /> <fieldset> <legend style="background: url(//static.juick.com/settings/xmpp.png) no-repeat; padding-left: 58px; line-height: 48px;"> XMPP accounts @@ -66,7 +63,6 @@ E-mail </legend> <form action="/settings" method="POST"> - <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" /> <p>Add account:<br/> <input type="text" name="account"/> <input type="hidden" name="page" value="email-add"/> @@ -74,7 +70,6 @@ </p> </form> <form action="/settings" method="POST"> - <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" /> <p>Your accounts:</p> <p> {% for email in emails %} @@ -92,7 +87,6 @@ {% if emails is not empty %} <!--email_off--> <form action="/settings" method="POST"> - <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" /> <p>You can receive notifications to email:<br/> Sent to <select name="account"> <option value="">Disabled</option> @@ -117,8 +111,7 @@ </legend> {% if fbstatus.connected %} {% if fbstatus.crosspostEnabled %} - <form action="/settings" method="post"> - <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" /> + <form action="/settings" method="POST"> <div> Facebook: <b>Enabled</b> — <input type="hidden" name="page" value="facebook-disable"/> @@ -126,8 +119,7 @@ </div> </form> {% else %} - <form action="/settings" method="post"> - <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" /> + <form action="/settings" method="POST"> <div> Facebook: <b>Disabled</b> — <input type="hidden" name="page" value="facebook-enable"/> @@ -143,8 +135,7 @@ <legend style="background: url(//static.juick.com/settings/twitter.png) no-repeat; padding-left: 58px; line-height: 48px;"> Twitter</legend> {% if twitter_name is not empty %} - <form action="/settings" method="post"> - <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" /> + <form action="/settings" method="POST"> <div>Twitter: <b>{{ twitter_name }}</b> — <input type="hidden" name="page" value="twitter-del"/> <input type="submit" class="Button" value=" Disable "/> |