Enable CSRF protection (#10447)

* Enable CSRF protection * fix style issues
2024-10-07 16:52:45 +00:00 · 2019-07-17 07:20:26 -05:00
parent b085703b2d
commit 3ead462549
77 changed files with 105 additions and 7 deletions
--- a/includes/html/modal/delete_alert_rule.inc.php
+++ b/includes/html/modal/delete_alert_rule.inc.php
@@ -31,6 +31,7 @@ if (!LegacyAuth::user()->hasGlobalAdmin()) {
            </div>
            <div class="modal-footer">
                <form role="form" class="remove_token_form">
+                    <?php echo csrf_field() ?>
                    <button type="button" class="btn btn-default" data-dismiss="modal">Cancel</button>
                    <button type="submit" class="btn btn-danger danger" id="alert-rule-removal" data-target="alert-rule-removal">Delete</button>
                    <input type="hidden" name="alert_id" id="alert_id" value="">