From ee9b051c71a65a418034e2c6317a5a0ab23dab7a Mon Sep 17 00:00:00 2001
From: b3yond
Date: Sun, 27 Jan 2019 16:08:45 +0100
Subject: [PATCH] added CSRF token to settings template
---
frontend.py | 6 ------
template/settings.tpl | 7 ++++++-
2 files changed, 6 insertions(+), 7 deletions(-)
diff --git a/frontend.py b/frontend.py
index a800191..26a6477 100755
--- a/frontend.py
+++ b/frontend.py
@@ -144,7 +144,6 @@ def settings(user):
@post('/settings/markdown')
-#csrf
@view('template/settings.tpl')
def update_markdown(user):
user.set_markdown(request.forms['markdown'])
@@ -152,7 +151,6 @@ def update_markdown(user):
@post('/settings/mail_md')
-#csrf
@view('template/settings.tpl')
def update_mail_md(user):
user.set_mail_md(request.forms['mail_md'])
@@ -160,7 +158,6 @@ def update_mail_md(user):
@post('/settings/goodlist')
-#csrf
@view('template/settings.tpl')
def update_trigger_patterns(user):
user.set_trigger_words(request.forms['goodlist'])
@@ -168,7 +165,6 @@ def update_trigger_patterns(user):
@post('/settings/blocklist')
-#csrf
@view('template/settings.tpl')
def update_badwords(user):
user.set_badwords(request.forms['blocklist'])
@@ -176,7 +172,6 @@ def update_badwords(user):
@post('/settings/telegram')
-#csrf
def register_telegram(user):
apikey = request.forms['apikey']
user.update_telegram_key(apikey)
@@ -248,7 +243,6 @@ def twitter_callback(user):
@post('/login/mastodon')
-#csrf
def login_mastodon(user):
"""
Mastodon OAuth authentication process.
diff --git a/template/settings.tpl b/template/settings.tpl
index 0971d1b..66cf873 100644
--- a/template/settings.tpl
+++ b/template/settings.tpl
@@ -61,6 +61,7 @@
@@ -106,7 +108,7 @@
@@ -124,6 +126,7 @@
@@ -138,6 +141,7 @@
@@ -152,6 +156,7 @@