diff options
author | Paul Duncan <pabs@pablotron.org> | 2016-05-21 13:05:20 -0400 |
---|---|---|
committer | Paul Duncan <pabs@pablotron.org> | 2016-05-21 13:05:20 -0400 |
commit | b1d1a7c6c5c13c1496fa87a0eddaf4e724ecb299 (patch) | |
tree | 9ab1bac834199321fa6d3cb8568def02ed200cc6 /src/views | |
parent | 59e64495121447c988d6aef243b7b3c17cb5f483 (diff) | |
download | guff-b1d1a7c6c5c13c1496fa87a0eddaf4e724ecb299.tar.bz2 guff-b1d1a7c6c5c13c1496fa87a0eddaf4e724ecb299.zip |
add csrf protection to login page
Diffstat (limited to 'src/views')
-rw-r--r-- | src/views/login-page.ecr | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/src/views/login-page.ecr b/src/views/login-page.ecr index 9f2082a..e0404ce 100644 --- a/src/views/login-page.ecr +++ b/src/views/login-page.ecr @@ -75,6 +75,12 @@ Log In </button> </div><!-- form-group --> + + <input + type='hidden' + name='csrf_token' + value='<%= h(get_csrf_token) %>' + /> </form> </div><!-- panel-body --> </div><!-- panel --> |