oss/wallabag
oss/wallabag
1
0
Fork 0
mirror of https://github.com/wallabag/wallabag.git synced 2025-06-27 16:36:00 +00:00
Code Wiki Activity

Protect changeLocale with a CSRF token

Browse source
This commit is contained in:
Yassine Guedidi 2025-03-19 00:40:30 +01:00
parent e162408139
commit ed1acf59e1
3 changed files with 36 additions and 12 deletions
Download patch file Download diff file Expand all files Collapse all files

20
templates/bundles/FOSUserBundle/layout.html.twig
View file

@ -16,9 +16,23 @@
{% endblock fos_user_content %}
</div>
<div class="center">
<a href="{{ path('changeLocale', {'language': 'de'}) }}">Deutsch</a>
<a href="{{ path('changeLocale', {'language': 'en'}) }}">English</a>
<a href="{{ path('changeLocale', {'language': 'fr'}) }}">Français</a>
<form action="{{ path('changeLocale', {'language': 'de'}) }}" method="post" class="inline-block">
<input type="hidden" name="token" value="{{ csrf_token('change-locale') }}"/>
<button type="submit" class="btn-link">Deutsch</button>
</form>
<form action="{{ path('changeLocale', {'language': 'en'}) }}" method="post" class="inline-block">
<input type="hidden" name="token" value="{{ csrf_token('change-locale') }}"/>
<button type="submit" class="btn-link">English</button>
</form>
<form action="{{ path('changeLocale', {'language': 'fr'}) }}" method="post" class="inline-block">
<input type="hidden" name="token" value="{{ csrf_token('change-locale') }}"/>
<button type="submit" class="btn-link">Français</button>
</form>
</div>
</div>
</main>