Merge lp:~wacky/postorius/csrf into lp:postorius

Proposed by Richard Wackerbarth
Status: Merged
Merged at revision: 65
Proposed branch: lp:~wacky/postorius/csrf
Merge into: lp:postorius
Diff against target: 253 lines (+25/-25)
14 files modified
src/postorius/templates/postorius/confirm_dialog.html (+1/-1)
src/postorius/templates/postorius/domain_new.html (+1/-1)
src/postorius/templates/postorius/lists/mass_subscribe.html (+1/-1)
src/postorius/templates/postorius/lists/new.html (+1/-1)
src/postorius/templates/postorius/lists/settings.html (+1/-1)
src/postorius/templates/postorius/lists/subscribe.html (+1/-1)
src/postorius/templates/postorius/lists/subscriptions.html (+2/-2)
src/postorius/templates/postorius/lists/summary.html (+1/-1)
src/postorius/templates/postorius/login.html (+4/-4)
src/postorius/templates/postorius/menu/general.html (+2/-2)
src/postorius/templates/postorius/menu/maintanance.html (+3/-3)
src/postorius/templates/postorius/menu/subscriptions.html (+4/-4)
src/postorius/templates/postorius/user_mailmansettings.html (+1/-1)
src/postorius/templates/postorius/user_settings.html (+2/-2)
To merge this branch: bzr merge lp:~wacky/postorius/csrf
Reviewer Review Type Date Requested Status
Florian Fuchs Approve
Review via email: mp+106211@code.launchpad.net

Description of the change

csrf tokens added

To post a comment you must log in.
lp:~wacky/postorius/csrf updated
66. By Richard Wackerbarth

Some spelling errors

Revision history for this message
Florian Fuchs (flo-fuchs) wrote :

Hi Richard,

thank you for the fix! I've merged into trunk (revision 65).

review: Approve

Preview Diff

[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
=== modified file 'src/postorius/templates/postorius/confirm_dialog.html'
--- src/postorius/templates/postorius/confirm_dialog.html 2012-03-23 17:24:59 +0000
+++ src/postorius/templates/postorius/confirm_dialog.html 2012-05-17 15:51:26 +0000
@@ -4,7 +4,7 @@
4{% block main %}4{% block main %}
5 <h1>{% trans 'Confirm' %}</h1>5 <h1>{% trans 'Confirm' %}</h1>
6 <p>{% trans "Are you sure?" %}</p>6 <p>{% trans "Are you sure?" %}</p>
7 <form action="{{submit_url}}" method="post">7 <form action="{{submit_url}}" method="post"> {% csrf_token %}
8 <button class="btn btn-danger" type="submit">{% trans "OK" %}</button>8 <button class="btn btn-danger" type="submit">{% trans "OK" %}</button>
9 <a class="btn" href="{{cancel_url}}">{% trans "Cancel" %}</a>9 <a class="btn" href="{{cancel_url}}">{% trans "Cancel" %}</a>
10 </form>10 </form>
1111
=== modified file 'src/postorius/templates/postorius/domain_new.html'
--- src/postorius/templates/postorius/domain_new.html 2012-03-23 18:02:50 +0000
+++ src/postorius/templates/postorius/domain_new.html 2012-05-17 15:51:26 +0000
@@ -4,7 +4,7 @@
4{% block main %}4{% block main %}
5 {% include 'postorius/menu/settings_nav.html' %}5 {% include 'postorius/menu/settings_nav.html' %}
6 <h1>{% trans "Add a new Domain" %}</h1>6 <h1>{% trans "Add a new Domain" %}</h1>
7 <form action="{% url domain_new %}" method="post" class="well">7 <form action="{% url domain_new %}" method="post" class="well"> {% csrf_token %}
8 {{ form.as_p }}8 {{ form.as_p }}
9 <div class="field">9 <div class="field">
10 <button class="btn btn-success" type="submit">{% trans "Create Domain" %}</button>10 <button class="btn btn-success" type="submit">{% trans "Create Domain" %}</button>
1111
=== modified file 'src/postorius/templates/postorius/lists/mass_subscribe.html'
--- src/postorius/templates/postorius/lists/mass_subscribe.html 2012-03-23 22:06:25 +0000
+++ src/postorius/templates/postorius/lists/mass_subscribe.html 2012-05-17 15:51:26 +0000
@@ -6,7 +6,7 @@
6 {% include 'postorius/menu/list_nav.html' %}6 {% include 'postorius/menu/list_nav.html' %}
7 {% endif %}7 {% endif %}
8 <h1>{% trans "Mass Subscribe" %} <span>- {{list.fqdn_listname}}</span></h1>8 <h1>{% trans "Mass Subscribe" %} <span>- {{list.fqdn_listname}}</span></h1>
9 <form action="{% url mass_subscribe list.fqdn_listname %}" method="post" class="well">9 <form action="{% url mass_subscribe list.fqdn_listname %}" method="post" class="well"> {% csrf_token %}
10 {{ form.as_p }}10 {{ form.as_p }}
11 <button class="btn btn-primary" type="submit">{% trans "Subscribe users" %}</button>11 <button class="btn btn-primary" type="submit">{% trans "Subscribe users" %}</button>
12 </form>12 </form>
1313
=== modified file 'src/postorius/templates/postorius/lists/new.html'
--- src/postorius/templates/postorius/lists/new.html 2012-03-23 18:02:50 +0000
+++ src/postorius/templates/postorius/lists/new.html 2012-05-17 15:51:26 +0000
@@ -3,7 +3,7 @@
33
4{% block main %}4{% block main %}
5 <h1>{% trans "Create a new List" %} {{ block.super }}</h1> 5 <h1>{% trans "Create a new List" %} {{ block.super }}</h1>
6 <form action="{% url list_new %}" method="post" class="well">6 <form action="{% url list_new %}" method="post" class="well"> {% csrf_token %}
7 {{ form.as_p }}7 {{ form.as_p }}
8 <button class="btn btn-success" type="submit">{% trans "Create List" %}</button>8 <button class="btn btn-success" type="submit">{% trans "Create List" %}</button>
9 </form>9 </form>
1010
=== modified file 'src/postorius/templates/postorius/lists/settings.html'
--- src/postorius/templates/postorius/lists/settings.html 2012-03-23 17:24:59 +0000
+++ src/postorius/templates/postorius/lists/settings.html 2012-05-17 15:51:26 +0000
@@ -12,7 +12,7 @@
12 </ul>12 </ul>
1313
14 {% if visible_section %}14 {% if visible_section %}
15 <form class="well" action="{% url list_settings fqdn_listname=list.fqdn_listname visible_section=visible_section visible_option=visible_option %}" method="post" class="list_settings">15 <form class="well" action="{% url list_settings fqdn_listname=list.fqdn_listname visible_section=visible_section visible_option=visible_option %}" method="post" class="list_settings"> {% csrf_token %}
16 {{ form.as_p }}16 {{ form.as_p }}
17 <button class="btn btn-primary" type="submit">{%trans "Save changes" %}</button>17 <button class="btn btn-primary" type="submit">{%trans "Save changes" %}</button>
18 </form>18 </form>
1919
=== modified file 'src/postorius/templates/postorius/lists/subscribe.html'
--- src/postorius/templates/postorius/lists/subscribe.html 2012-03-20 08:16:24 +0000
+++ src/postorius/templates/postorius/lists/subscribe.html 2012-05-17 15:51:26 +0000
@@ -3,7 +3,7 @@
33
4{% block main %}4{% block main %}
5 <h1>{% trans 'Subscribe' %} <span>{{ list.fqdn_listname}}</span></h1>5 <h1>{% trans 'Subscribe' %} <span>{{ list.fqdn_listname}}</span></h1>
6 <form action="{% url list_subscribe list.fqdn_listname %}" method="post" class="list_subscribe">6 <form action="{% url list_subscribe list.fqdn_listname %}" method="post" class="list_subscribe"> {% csrf_token %}
7 {{form.as_p}}7 {{form.as_p}}
8 <input class="btn btn-primary" type="submit" value="{% trans 'Subscribe' %}" />8 <input class="btn btn-primary" type="submit" value="{% trans 'Subscribe' %}" />
9 </form>9 </form>
1010
=== modified file 'src/postorius/templates/postorius/lists/subscriptions.html'
--- src/postorius/templates/postorius/lists/subscriptions.html 2012-03-23 17:24:59 +0000
+++ src/postorius/templates/postorius/lists/subscriptions.html 2012-05-17 15:51:26 +0000
@@ -4,7 +4,7 @@
4{% block main %}4{% block main %}
5 {{list.list_name}} <span>{{list.display_name}}</span>5 {{list.list_name}} <span>{{list.display_name}}</span>
6 {% if form_subscribe %}6 {% if form_subscribe %}
7 <form action="{%url list_subscriptions list.fqdn_listname %}" method="post" class="subscribe mm_clear" name="subscribe">7 <form action="{%url list_subscriptions list.fqdn_listname %}" method="post" class="subscribe mm_clear" name="subscribe"> {% csrf_token %}
8 {{ form_subscribe.as_div }}8 {{ form_subscribe.as_div }}
9 <div class="field">9 <div class="field">
10 <button type="submit">{% trans "Subscribe" %}</button>10 <button type="submit">{% trans "Subscribe" %}</button>
@@ -13,7 +13,7 @@
13 </form>13 </form>
14 {% endif %}14 {% endif %}
15 {% if form_unsubscribe %}15 {% if form_unsubscribe %}
16 <form action="{% url list_subscriptions list.fqdn_listname %}" method="post" class="unsubscribe mm_clear" name="unsubscribe">16 <form action="{% url list_subscriptions list.fqdn_listname %}" method="post" class="unsubscribe mm_clear" name="unsubscribe"> {% csrf_token %}
17 {{ form_unsubscribe.as_div }}17 {{ form_unsubscribe.as_div }}
18 <div class="field">18 <div class="field">
19 <button type="submit">{% trans "Unsubscribe" %}</button>19 <button type="submit">{% trans "Unsubscribe" %}</button>
2020
=== modified file 'src/postorius/templates/postorius/lists/summary.html'
--- src/postorius/templates/postorius/lists/summary.html 2012-03-23 18:02:50 +0000
+++ src/postorius/templates/postorius/lists/summary.html 2012-05-17 15:51:26 +0000
@@ -15,7 +15,7 @@
15 15
16 <h2>{% trans 'Membership' %}</h2>16 <h2>{% trans 'Membership' %}</h2>
17 {% if user.is_authenticated %}17 {% if user.is_authenticated %}
18 <form action="{% url list_subscribe list.fqdn_listname %}" method="post" class="list_subscribe">18 <form action="{% url list_subscribe list.fqdn_listname %}" method="post" class="list_subscribe"> {% csrf_token %}
19 {{subscribe_form.as_p}}19 {{subscribe_form.as_p}}
20 <input class="btn btn-success" type="submit" value="{% trans 'Subscribe' %}" />20 <input class="btn btn-success" type="submit" value="{% trans 'Subscribe' %}" />
21 <a href="{% url list_unsubscribe list.fqdn_listname user.email %}" class="btn btn-danger">Unsubscribe</a>21 <a href="{% url list_unsubscribe list.fqdn_listname user.email %}" class="btn btn-danger">Unsubscribe</a>
2222
=== modified file 'src/postorius/templates/postorius/login.html'
--- src/postorius/templates/postorius/login.html 2012-03-23 14:40:25 +0000
+++ src/postorius/templates/postorius/login.html 2012-05-17 15:51:26 +0000
@@ -5,7 +5,7 @@
5 5
6 <h2>Login with username and password</h2>6 <h2>Login with username and password</h2>
77
8 <form action="" method="post" class="login mm_clear">8 <form action="" method="post" class="login mm_clear"> {% csrf_token %}
9 {{ form.as_p }}9 {{ form.as_p }}
10 <div class="field">10 <div class="field">
11 <button class="btn btn-primary" type="submit">{% trans "Login" %}</button>11 <button class="btn btn-primary" type="submit">{% trans "Login" %}</button>
@@ -17,7 +17,7 @@
17 <!--17 <!--
18 <h2>Login using OpenID</h2>18 <h2>Login using OpenID</h2>
1919
20 <form method="post" action="{% url socialauth_begin 'openid' %}">20 <form method="post" action="{% url socialauth_begin 'openid' %}"> {% csrf_token %}
21 OpenID URL: <input type="text" name="openid_identifier" /> 21 OpenID URL: <input type="text" name="openid_identifier" />
22 <input type="submit" value="Login using OpenID" />22 <input type="submit" value="Login using OpenID" />
23 </form>23 </form>
@@ -27,7 +27,7 @@
2727
28 <h2>Login using BrowserID</h2>28 <h2>Login using BrowserID</h2>
2929
30 <form method="post" action="{% url socialauth_complete "browserid" %}">30 <form method="post" action="{% url socialauth_complete "browserid" %}"> {% csrf_token %}
31 <input type="hidden" name="assertion" value="" />31 <input type="hidden" name="assertion" value="" />
32 <a rel="nofollow" id="browserid" href="#"><img src="{{ STATIC_URL }}postorius/default/img/sign_in_blue.png" alt="Login using BrowserID" /></a>32 <a rel="nofollow" id="browserid" href="#"><img src="{{ STATIC_URL }}postorius/default/img/sign_in_blue.png" alt="Login using BrowserID" /></a>
33 </form>33 </form>
@@ -36,7 +36,7 @@
36{% block additionaljs %}36{% block additionaljs %}
37<!-- Include BrowserID JavaScript -->37<!-- Include BrowserID JavaScript -->
38<script src="https://browserid.org/include.js" type="text/javascript"></script>38<script src="https://browserid.org/include.js" type="text/javascript"></script>
39<!-- Setup click handler that retieves BrowserID assertion code and sends39<!-- Setup click handler that receives BrowserID assertion code and sends
40 POST data -->40 POST data -->
41<script type="text/javascript">41<script type="text/javascript">
42 $(function () {42 $(function () {
4343
=== modified file 'src/postorius/templates/postorius/menu/general.html'
--- src/postorius/templates/postorius/menu/general.html 2011-06-24 14:21:23 +0000
+++ src/postorius/templates/postorius/menu/general.html 2012-05-17 15:51:26 +0000
@@ -68,9 +68,9 @@
68 {% trans "advertised" %} Link:TODO68 {% trans "advertised" %} Link:TODO
69 </a>69 </a>
70 </li> 70 </li>
71 <li {% if selected == "anonymus_list" %}id="selected"{% endif %}>71 <li {% if selected == "anonymous_list" %}id="selected"{% endif %}>
72 <a href="{% comment %}{% url ... %}{% endcomment %}">72 <a href="{% comment %}{% url ... %}{% endcomment %}">
73 {% trans "anonymus_list" %} Link:TODO73 {% trans "anonymous_list" %} Link:TODO
74 </a>74 </a>
75 </li> 75 </li>
76 </ul></div> 76 </ul></div>
7777
=== modified file 'src/postorius/templates/postorius/menu/maintanance.html'
--- src/postorius/templates/postorius/menu/maintanance.html 2011-07-21 14:47:41 +0000
+++ src/postorius/templates/postorius/menu/maintanance.html 2012-05-17 15:51:26 +0000
@@ -9,7 +9,7 @@
9 {% trans "Archive" %} #TODO link9 {% trans "Archive" %} #TODO link
10 </a>10 </a>
11 </li>11 </li>
12 <li {% if selected == "auto_resonder" %}id="selected"{% endif %}>12 <li {% if selected == "auto_responder" %}id="selected"{% endif %}>
13 <a href="{% url list_settings fqdn_listname=fqdn_listname visible_section='Automatic Responses' visible_option=None %}">13 <a href="{% url list_settings fqdn_listname=fqdn_listname visible_section='Automatic Responses' visible_option=None %}">
14 {% trans "Auto Responder" %}14 {% trans "Auto Responder" %}
15 </a>15 </a>
@@ -52,9 +52,9 @@
52 {% trans "Message" %} Link:TODO52 {% trans "Message" %} Link:TODO
53 </a>53 </a>
54 </li>54 </li>
55 <li {% if selected == "filter_receipent" %}id="selected"{% endif %}>55 <li {% if selected == "filter_recipient" %}id="selected"{% endif %}>
56 <a href="{% comment %}{% url ... %}{% endcomment %}">56 <a href="{% comment %}{% url ... %}{% endcomment %}">
57 {% trans "Receipent" %} Link:TODO57 {% trans "Recipient" %} Link:TODO
58 </a>58 </a>
59 </li>59 </li>
60 <li {% if selected == "filter_spam" %}id="selected"{% endif %}>60 <li {% if selected == "filter_spam" %}id="selected"{% endif %}>
6161
=== modified file 'src/postorius/templates/postorius/menu/subscriptions.html'
--- src/postorius/templates/postorius/menu/subscriptions.html 2012-03-13 21:01:27 +0000
+++ src/postorius/templates/postorius/menu/subscriptions.html 2012-05-17 15:51:26 +0000
@@ -14,14 +14,14 @@
14 {% trans "Subscribe" %}14 {% trans "Subscribe" %}
15 </a>15 </a>
16 <div><ul class="menu">16 <div><ul class="menu">
17 <li{% if selected == "join_adress" %}id="selected"{% endif %}>17 <li{% if selected == "join_address" %}id="selected"{% endif %}>
18 <a href="{% comment %}{% url ... %}TODO add List{% endcomment %}">18 <a href="{% comment %}{% url ... %}TODO add List{% endcomment %}">
19 {% trans "Join Adress" %} Link:TODO19 {% trans "Join Address" %} Link:TODO
20 </a>20 </a>
21 </li> 21 </li>
22 <li{% if selected == "owner_adress" %}id="selected"{% endif %}>22 <li{% if selected == "owner_adress" %}id="selected"{% endif %}>
23 <a href="{% comment %}{% url ... %}TODO add List{% endcomment %}">23 <a href="{% comment %}{% url ... %}TODO add List{% endcomment %}">
24 {% trans "Owner Adress" %} Link:TODO24 {% trans "Owner Address" %} Link:TODO
25 </a>25 </a>
26 </li> 26 </li>
27 <li{% if selected == "mass_subscribe" %}id="selected"{% endif %}>27 <li{% if selected == "mass_subscribe" %}id="selected"{% endif %}>
@@ -38,7 +38,7 @@
38 <div><ul class="menu">38 <div><ul class="menu">
39 <li{% if selected == "leave_adress" %}id="selected"{% endif %}>39 <li{% if selected == "leave_adress" %}id="selected"{% endif %}>
40 <a href="{% comment %}{% url ... %}TODO add List{% endcomment %}">40 <a href="{% comment %}{% url ... %}TODO add List{% endcomment %}">
41 {% trans "Leave Adress" %} Link:TODO41 {% trans "Leave Address" %} Link:TODO
42 </a>42 </a>
43 </li> 43 </li>
44 </ul></div> 44 </ul></div>
4545
=== modified file 'src/postorius/templates/postorius/user_mailmansettings.html'
--- src/postorius/templates/postorius/user_mailmansettings.html 2012-03-23 17:24:59 +0000
+++ src/postorius/templates/postorius/user_mailmansettings.html 2012-05-17 15:51:26 +0000
@@ -55,7 +55,7 @@
55 <h2>List Preferences Overview</h2>55 <h2>List Preferences Overview</h2>
56 <p><em class="errorlist">Sample output: not real</em></p>56 <p><em class="errorlist">Sample output: not real</em></p>
57 <input id="btnHide" type="button" value="{% trans "Hide Descriptions" %}"/>57 <input id="btnHide" type="button" value="{% trans "Hide Descriptions" %}"/>
58 <form action="#">58 <form action="#"> {% csrf_token %}
59 <table class="table table-bordered table-striped">59 <table class="table table-bordered table-striped">
60 <tr>60 <tr>
61 <th>{% trans "Setting" %}</th>61 <th>{% trans "Setting" %}</th>
6262
=== modified file 'src/postorius/templates/postorius/user_settings.html'
--- src/postorius/templates/postorius/user_settings.html 2012-03-23 14:40:25 +0000
+++ src/postorius/templates/postorius/user_settings.html 2012-05-17 15:51:26 +0000
@@ -16,9 +16,9 @@
16 <div class="mm_boxHeader">16 <div class="mm_boxHeader">
17 {% trans "Content" %}17 {% trans "Content" %}
18 </div> 18 </div>
19 <p>{%trans "Use this page to manage your account. You'll be able to see a list of your subscirbed lists, modify these membership settings of the list and your personal preferences in user_settings <a href='https://bugs.launchpad.net/mailman/+bug/821438' >LP:821438</a> is solved <br>" %}</p>19 <p>{%trans "Use this page to manage your account. You'll be able to see a list of your subscribed lists, modify these membership settings of the list and your personal preferences in user_settings <a href='https://bugs.launchpad.net/mailman/+bug/821438' >LP:821438</a> is solved <br>" %}</p>
20 {% if form %}20 {% if form %}
21 <form action="" method="post" class="user" name="user">21 <form action="" method="post" class="user" name="user"> {% csrf_token %}
22 <ul class="">22 <ul class="">
23 {{ form.as_div }}23 {{ form.as_div }}
24 <li class="field">24 <li class="field">

Subscribers

People subscribed via source and target branches