Merge pull request #4 from GeneralZero/master

Changed CSRF
2014-03-28 16:33:03 -04:00 · 2014-03-28 16:33:03 -04:00 · 6aef38c550
parent 205318ea42 8c2b102690
commit 6aef38c550
8 changed files with 9 additions and 9 deletions
--- a/views/account/profile.jade
+++ b/views/account/profile.jade
@ -5,7 +5,7 @@ block content
    h3 Profile Information
  form.form-horizontal(action='/account/profile', method='POST')
-    input(type='hidden', name='_csrf', value=token)
+    input(type='hidden', name='_csrf', value=_csrf)
    .form-group
      label.col-sm-2.control-label(for='email') Email
      .col-sm-4
@ -47,7 +47,7 @@ block content
      h3 Change Password
    form.form-horizontal(action='/account/password', method='POST')
-      input(type='hidden', name='_csrf', value=token)
+      input(type='hidden', name='_csrf', value=_csrf)
      .form-group
        label.col-sm-3.control-label(for='password') New Password
        .col-sm-4
--- a/views/account/reset.jade
+++ b/views/account/reset.jade
@ -4,7 +4,7 @@ block content
  .col-sm-8.col-sm-offset-2
    form(method='POST')
      legend Reset Password
-      input(type='hidden', name='_csrf', value=token)
+      input(type='hidden', name='_csrf', value=_csrf)
      .form-group
        label(for='password') New Password
        input.form-control(type='password', name='password', value='', placeholder='New password', autofocus=true)
--- a/views/account/signup.jade
+++ b/views/account/signup.jade
@ -2,7 +2,7 @@ extends ../layout
 block content
  form.form-horizontal(id='signup-form', method='POST')
-    input(type='hidden', name='_csrf', value=token)
+    input(type='hidden', name='_csrf', value=_csrf)
    legend Signup
    .form-group
      label.col-sm-3.control-label(for='email') Email
--- a/views/api/clockwork.jade
+++ b/views/api/clockwork.jade
@ -18,7 +18,7 @@ block content
  .row
    .col-sm-6
      form(role='form', method='POST')
-        input(type='hidden', name='_csrf', value=token)
+        input(type='hidden', name='_csrf', value=_csrf)
        .form-group
          .input-group
            input.form-control(type='text', name='telephone', placeholder='Phone Number (international format)')
--- a/views/api/twilio.jade
+++ b/views/api/twilio.jade
@ -21,7 +21,7 @@ block content
  .row
    .col-sm-6
      form(role='form', method='POST')
-        input(type='hidden', name='_csrf', value=token)
+        input(type='hidden', name='_csrf', value=_csrf)
        .form-group
          .input-group
            input.form-control(type='text', name='telephone', placeholder='Phone Number')
--- a/views/api/venmo.jade
+++ b/views/api/venmo.jade
@ -42,7 +42,7 @@ block content
    .col-sm-5
      h3 Make Payment
      form(role='form', method='POST')
-        input(type='hidden', name='_csrf', value=token)
+        input(type='hidden', name='_csrf', value=_csrf)
        .form-group
          label.control-label(for='user') Phone, Email or Venmo User ID
          input.form-control(type='text', name='user', id='user', placeholder='15555555555', autofocus=true)
--- a/views/contact.jade
+++ b/views/contact.jade
@ -5,7 +5,7 @@ block content
    h3 Contact Form
  form.form-horizontal(role='form', method='POST')
-    input(type='hidden', name='_csrf', value=token)
+    input(type='hidden', name='_csrf', value=_csrf)
    .form-group
      label(class='col-sm-2 control-label', for='name') Name
      .col-sm-8
--- a/views/layout.jade
+++ b/views/layout.jade
@ -5,7 +5,7 @@ html
    meta(http-equiv='X-UA-Compatible', content='IE=edge')
    meta(name='viewport', content='width=device-width, initial-scale=1.0')
    meta(name='description', content='')
-    meta(name='csrf-token', content=token)
+    meta(name='csrf-token', content=_csrf)
    meta(name='author', content='')
    title #{title} | Hackathon Starter
    != css('styles')