Add missing CSRF token to password change form

author: Vitaly Takmazov 2022-12-03 13:22:33 +0300
committer: Vitaly Takmazov 2022-12-03 13:22:33 +0300
commit: b1bbebb4d68fdcab82015c4cbc5e5e3e26e4b8c1 (patch)
tree: eb68bdfac83cc7a84521e209bfd7ba7494446635 /src/main/resources
parent: 6c42cd62cf0276bd26f0c2ff5b3ac8a7b84e553e (diff)
1 files changed, 2 insertions, 1 deletions
diff --git a/src/main/resources/templates/views/settings_password.html b/src/main/resources/templates/views/settings_password.html
index 99c1676e..c09a97dd 100644
--- a/src/main/resources/templates/views/settings_password.html
+++ b/src/main/resources/templates/views/settings_password.html
@@ -4,6 +4,7 @@
     <fieldset>
         <legend>Changing your password</legend>
         <form action="/settings" method="post">
+            <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" />
             <input type="hidden" name="page" value="password"/>
             <p>Change password: <input type="password" name="password" size="8"/> <input class="Button" type="submit"
                                                                                          value="  Update  "/><br/>
@@ -14,4 +15,4 @@
 {% endblock %}
 {% block "column" %}
 {% include "views/partial/settings_tabs" %}
-{% endblock %}
-\ No newline at end of file
+{% endblock %}
author	Vitaly Takmazov	2022-12-03 13:22:33 +0300
committer	Vitaly Takmazov	2022-12-03 13:22:33 +0300
commit	b1bbebb4d68fdcab82015c4cbc5e5e3e26e4b8c1 (patch)
tree	eb68bdfac83cc7a84521e209bfd7ba7494446635 /src/main/resources
parent	6c42cd62cf0276bd26f0c2ff5b3ac8a7b84e553e (diff)