rattail/tailbone
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity

Fix CSRF token bug with email preview form, refactor to use webhelpers

Browse source
This commit is contained in:
Lance Edgar 2017-01-09 13:38:17 -06:00
parent 03805942ae
commit 5bc3cb7431
1 changed files with 7 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

13
tailbone/templates/email/profiles/view.mako
View file

@ -21,10 +21,11 @@
${parent.body()}
<form action="${url('email.preview')}" name="send-email-preview" method="post">
<a id="preview-html" class="button" href="${url('email.preview')}?key=${instance['key']}&amp;type=html" target="_blank">Preview HTML</a>
<a id="preview-txt" class="button" href="${url('email.preview')}?key=${instance['key']}&amp;type=txt" target="_blank">Preview TXT</a>
${h.form(url('email.preview'), name='send-email-preview')}
${h.csrf_token(request)}
${h.link_to("Preview HTML", '{}?key={}&type=html'.format(url('email.preview'), instance['key']), id='preview-html', class_='button', target='_blank')}
${h.link_to("Preview TXT", '{}?key={}&type=txt'.format(url('email.preview'), instance['key']), id='preview-txt', class_='button', target='_blank')}
or
<input type="text" name="recipient" value="${request.user.email_address or ''}" />
<input type="submit" name="send_${instance['key']}" value="Send Preview Email" />
</form>
${h.text('recipient', value=request.user.email_address or '')}
${h.submit('send_{}'.format(instance['key']), value="Send Preview Email")}
${h.end_form()}