You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@allura.apache.org by br...@apache.org on 2013/12/04 17:42:20 UTC
[3/6] git commit: [#5475] ticket:473 Removed useless csrf tokens from
oauth forms
[#5475] ticket:473 Removed useless csrf tokens from oauth forms
Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/5042b1d6
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/5042b1d6
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/5042b1d6
Branch: refs/heads/master
Commit: 5042b1d60bb4bb321a18907057ae3915715085e3
Parents: d778f65
Author: Andrej Aleksandrov <pi...@gmail.com>
Authored: Fri Nov 8 16:49:56 2013 +0200
Committer: Dave Brondsema <db...@slashdotmedia.com>
Committed: Wed Dec 4 15:35:11 2013 +0000
----------------------------------------------------------------------
Allura/allura/templates/oauth_applications.html | 3 ---
Allura/allura/templates/oauth_authorize.html | 1 -
2 files changed, 4 deletions(-)
----------------------------------------------------------------------
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/5042b1d6/Allura/allura/templates/oauth_applications.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/oauth_applications.html b/Allura/allura/templates/oauth_applications.html
index 3742662..6bc90a3 100644
--- a/Allura/allura/templates/oauth_applications.html
+++ b/Allura/allura/templates/oauth_applications.html
@@ -105,7 +105,6 @@
<form method="POST" action="revoke_access_token" class="revoke_access_token">
<input type="hidden" name="_id" value="{{access_token._id}}"/>
<input type="submit" value="Revoke"/>
- {{lib.csrf_token()}}
</form>
</td>
</tr>
@@ -132,12 +131,10 @@
<form method="POST" action="deregister" class="deregister_consumer_token">
<input type="hidden" name="_id" value="{{consumer_token._id}}"/>
<input type="submit" value="Deregister"/>
- {{lib.csrf_token()}}
</form>
<form method="POST" action="generate_access_token" class="generate_access_token">
<input type="hidden" name="_id" value="{{consumer_token._id}}"/>
<input type="submit" value="Generate Bearer Token"/>
- {{lib.csrf_token()}}
</form>
</td>
</tr>
http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/5042b1d6/Allura/allura/templates/oauth_authorize.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/oauth_authorize.html b/Allura/allura/templates/oauth_authorize.html
index 7177442..0aa0437 100644
--- a/Allura/allura/templates/oauth_authorize.html
+++ b/Allura/allura/templates/oauth_authorize.html
@@ -38,7 +38,6 @@
<input type="hidden" name="oauth_token" value="{{oauth_token}}"/>
<input type="submit" name="no" value="No, do not authorize {{ consumer.name }}">
<input type="submit" name="yes" value="Yes, authorize {{ consumer.name }}"><br>
- {{lib.csrf_token()}}
</form>
<br style="clear:both"/>
<h2>{{consumer.name}}</h2>