projects / project / luci.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
luci-base: protect simpleforms with CSRF tokens
[project/luci.git] / modules / luci-base / luasrc / view / cbi / simpleform.htm
diff --git a/modules/luci-base/luasrc/view/cbi/simpleform.htm b/modules/luci-base/luasrc/view/cbi/simpleform.htm
index 437a07a..78f5c5a 100644 (file)
--- a/modules/luci-base/luasrc/view/cbi/simpleform.htm
+++ b/modules/luci-base/luasrc/view/cbi/simpleform.htm
@@ -2,6 +2,7 @@
 <form method="post" enctype="multipart/form-data" action="<%=REQUEST_URI%>">
        <div>
                <script type="text/javascript" src="<%=resource%>/cbi.js"></script>
+               <input type="hidden" name="token" value="<%=token%>" />
                <input type="hidden" name="cbi.submit" value="1" />
        </div>
 <% end %>
Lua Configuration Interface (mirror)