Mercurial > libervia-templates

changeset 37:eb9a42fca6c8

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
input/form: added csrf_token hidden field if it is defined, and import form with context to get this variable
author Goffi <goffi@goffi.org>
date Mon, 10 Jul 2017 19:11:34 +0200
parents baa0942d6b45
children f371bc50ea45
files default/event/attendance.html default/input/comment.html default/input/form.html
diffstat 3 files changed, 5 insertions(+), 2 deletions(-) [+]
line wrap: on
line diff
--- a/default/event/attendance.html	Tue Jul 04 07:54:32 2017 +0200
+++ b/default/event/attendance.html	Mon Jul 10 19:11:34 2017 +0200
@@ -1,4 +1,4 @@
-{% import 'input/form.html' as form %}
+{% import 'input/form.html' as form with context %}
 {% import 'input/field.html' as field with context %}
 
 <div class="attendance box">
--- a/default/input/comment.html	Tue Jul 04 07:54:32 2017 +0200
+++ b/default/input/comment.html	Mon Jul 10 19:11:34 2017 +0200
@@ -1,4 +1,4 @@
-{% import 'input/form.html' as form %}
+{% import 'input/form.html' as form with context %}
 {% import 'input/field.html' as field %}
 
 {% macro head(service, node) %}
--- a/default/input/form.html	Tue Jul 04 07:54:32 2017 +0200
+++ b/default/input/form.html	Mon Jul 10 19:11:34 2017 +0200
@@ -1,5 +1,8 @@
 {% macro form(action='') %}
 <form method="post" action="{{action}}">
+    {% if csrf_token is defined %}
+        <input type="hidden" name="csrf_token" value="{{csrf_token}}">
+    {% endif %}
     {{ caller() }}
 </form>
 {% endmacro %}