incubator-allura-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From brond...@apache.org
Subject [3/6] git commit: [#5475] ticket:473 Removed useless csrf tokens from oauth forms
Date Wed, 04 Dec 2013 16:42:20 GMT
[#5475] ticket:473 Removed useless csrf tokens from oauth forms


Project: http://git-wip-us.apache.org/repos/asf/incubator-allura/repo
Commit: http://git-wip-us.apache.org/repos/asf/incubator-allura/commit/5042b1d6
Tree: http://git-wip-us.apache.org/repos/asf/incubator-allura/tree/5042b1d6
Diff: http://git-wip-us.apache.org/repos/asf/incubator-allura/diff/5042b1d6

Branch: refs/heads/master
Commit: 5042b1d60bb4bb321a18907057ae3915715085e3
Parents: d778f65
Author: Andrej Aleksandrov <pinelounge@gmail.com>
Authored: Fri Nov 8 16:49:56 2013 +0200
Committer: Dave Brondsema <dbrondsema@slashdotmedia.com>
Committed: Wed Dec 4 15:35:11 2013 +0000

----------------------------------------------------------------------
 Allura/allura/templates/oauth_applications.html | 3 ---
 Allura/allura/templates/oauth_authorize.html    | 1 -
 2 files changed, 4 deletions(-)
----------------------------------------------------------------------


http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/5042b1d6/Allura/allura/templates/oauth_applications.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/oauth_applications.html b/Allura/allura/templates/oauth_applications.html
index 3742662..6bc90a3 100644
--- a/Allura/allura/templates/oauth_applications.html
+++ b/Allura/allura/templates/oauth_applications.html
@@ -105,7 +105,6 @@
                 <form method="POST" action="revoke_access_token" class="revoke_access_token">
                     <input type="hidden" name="_id" value="{{access_token._id}}"/>
                     <input type="submit" value="Revoke"/>
-                    {{lib.csrf_token()}}
                 </form>
             </td>
         </tr>
@@ -132,12 +131,10 @@
                 <form method="POST" action="deregister" class="deregister_consumer_token">
                     <input type="hidden" name="_id" value="{{consumer_token._id}}"/>
                     <input type="submit" value="Deregister"/>
-                    {{lib.csrf_token()}}
                 </form>
                 <form method="POST" action="generate_access_token" class="generate_access_token">
                     <input type="hidden" name="_id" value="{{consumer_token._id}}"/>
                     <input type="submit" value="Generate Bearer Token"/>
-                    {{lib.csrf_token()}}
                 </form>
             </td>
         </tr>

http://git-wip-us.apache.org/repos/asf/incubator-allura/blob/5042b1d6/Allura/allura/templates/oauth_authorize.html
----------------------------------------------------------------------
diff --git a/Allura/allura/templates/oauth_authorize.html b/Allura/allura/templates/oauth_authorize.html
index 7177442..0aa0437 100644
--- a/Allura/allura/templates/oauth_authorize.html
+++ b/Allura/allura/templates/oauth_authorize.html
@@ -38,7 +38,6 @@
   <input type="hidden" name="oauth_token" value="{{oauth_token}}"/>
   <input type="submit" name="no" value="No, do not authorize {{ consumer.name }}">
   <input type="submit" name="yes" value="Yes, authorize {{ consumer.name }}"><br>
-  {{lib.csrf_token()}}
 </form>
 <br style="clear:both"/>
 <h2>{{consumer.name}}</h2>


Mime
View raw message