Diffstat (limited to 'src/main/resources')
-rw-r--r-- | src/main/resources/application.properties | 1 | ||||
-rw-r--r-- | src/main/resources/templates/layouts/default.html | 4 | ||||
-rw-r--r-- | src/main/resources/templates/layouts/login.html | 3 | ||||
-rw-r--r-- | src/main/resources/templates/views/post.html | 1 |
4 files changed, 6 insertions, 3 deletions
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index d176bb5a..df575a3c 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -1,4 +1,5 @@
 server.servlet.session.tracking-modes=cookie
+spring.mvc.pathmatch.matching-strategy=ant-path-matcher
 spring.jackson.default-property-inclusion=non-default
 spring.jackson.serialization.write-dates-as-timestamps=false
 spring.jackson.serialization.write-empty-json-arrays=true
diff --git a/src/main/resources/templates/layouts/default.html b/src/main/resources/templates/layouts/default.html
index a2665364..9167dbfb 100644
--- a/src/main/resources/templates/layouts/default.html
+++ b/src/main/resources/templates/layouts/default.html
@@ -35,7 +35,7 @@
 <link rel="manifest" href="//i.juick.com/manifest.json" /> </head>
-<body id="body" {% if visitor.uid > 0 %}data-hash="{{visitor.authHash}}" {% endif %}>
+<body id="body" {% if visitor.uid > 0 %}data-hash="{{visitor.authHash}}" {% else %}data-token="{{_csrf.token}}" {% endif %}>
 <div id="app"> {% include "views/partial/navigation" %} <div id="content_wrapper">
@@ -53,4 +53,4 @@
 </div> </body>
-</html>
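Review bot: The added `spring.mvc.pathmatch.matching-strategy=ant-path-matcher` line carries no comment saying why the legacy matcher is selected, and the choice is security-relevant: URL-based access rules are only as tight as their agreement with how MVC maps a request path to a handler. Please add a line above it such as `# legacy Ant-style matching kept for <reason>; re-check security request matchers if this changes`. The security configuration is not in this view, so it should also be confirmed that protected paths are matched the same way by the access rules and by the handler mapping, including trailing-slash variants.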
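Review bot: On the new `<body>` line the CSRF token is emitted only in the `{% else %}` branch, so pages rendered for a signed-in visitor carry `data-hash` but no `data-token`. If any script on those pages issues a session-cookie-authenticated POST (not visible here), it has no token to send, and the usual way out of that is to exempt the endpoint from CSRF checks. Either emit the token unconditionally, `{% if visitor.uid > 0 %}data-hash="{{visitor.authHash}}" {% endif %}data-token="{{_csrf.token}}"`, or add a `{# … #}` template comment stating that signed-in requests authenticate with the hash and are deliberately outside CSRF protection. Separately, `visitor.authHash` in a DOM attribute is readable by any script running on the page; that predates this change but the new branch sits right next to it.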
\ No newline at end of file
+</html>
diff --git a/src/main/resources/templates/layouts/login.html b/src/main/resources/templates/layouts/login.html
index e89f6790..86eb45fa 100644
--- a/src/main/resources/templates/layouts/login.html
+++ b/src/main/resources/templates/layouts/login.html
@@ -266,6 +266,7 @@
 <div id="signinform"> <form action="/login" method="POST"> <p class="err">{{ authErrorMessage | default('') }}</p>
+ <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" />
 <input class="txt" type="text" name="username" placeholder='{{ i18n("messages","label.username") }}' id="nickinput" autocomplete="username" /> <input class="txt" type="password" name="password"
@@ -277,4 +278,4 @@
 </body>
-</html>
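Review bot: The hidden CSRF input added to the `/login` form is written out by hand here and again in views/post.html, so every other POST form in the templates has to be found and patched the same way, and one that is missed fails only at runtime. Consider moving the line into a small partial and including it the way `views/partial/navigation` is included in layouts/default.html, e.g. `{% include "views/partial/csrf" %}` (name illustrative). This diff is limited to src/main/resources, so whether the remaining forms were covered is not visible; the login form's closing tag is also outside the hunk.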
\ No newline at end of file
+</html>
diff --git a/src/main/resources/templates/views/post.html b/src/main/resources/templates/views/post.html
index a77fa3bd..f1070d7a 100644
--- a/src/main/resources/templates/views/post.html
+++ b/src/main/resources/templates/views/post.html
@@ -5,6 +5,7 @@
 <form id="postmsg"> <p style="text-align: left;"> <b>Фото:</b> <span id="attachmentfile">
+ <input type="hidden" name="{{_csrf.parameterName}}" value="{{_csrf.token}}" />
 <input style="width: 100%;" type="file" name="attach" accept="image/jpeg,image/png"/> <i>({{ i18n("messages","postForm.imageFormats") }})</i></span> </p> <p> |
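Review bot: The hidden CSRF field is placed inside `<span id="attachmentfile">` rather than directly under `<form id="postmsg">`; judging by its id that span is the attachment widget, and if a script ever replaces its contents the token is dropped with it. Moving the `<input type="hidden" …>` line to be the first child of the form removes that coupling. The form has no `method` attribute in the visible lines, so a native submit would be a GET carrying the token in the query string; presumably a script submits it, in which case sending the token as a request header is the more robust choice for this file upload. The form continues past the end of the hunk.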