Add CSRF protection to all templates

templates/apipassword.html

@@ -10,6 +10,7 @@ below.</p>
 <form action="{% url sso.views.service_reset serviceid %}" method="post">
 <table>
 {{ form.as_table }}
+{% csrf_token %}
 </table>
 <br />
 <input type="submit" value="Reset Account" />

templates/hr/applications/accept.html

@@ -7,6 +7,7 @@
 <form action="{% url hr.views.accept_application applicationid %}" method="post">
 <table>
 {{ form.as_table }}
+{% csrf_token %}
 </table>
 <input type="submit" value="Apply" />
 </form>

templates/hr/applications/add.html

@@ -9,6 +9,7 @@
 <table>
 {{ form.as_table }}
 </table>
+{% csrf_token %}
 <input type="submit" value="Apply" />
 </form>
 {% endblock %}

templates/hr/applications/add_message.html

@@ -7,6 +7,7 @@
 <table>
 {{ form.as_table }}
 </table>
+{% csrf_token %}
 <input type="submit" value="Apply" />
 </form>
 {% endblock %}

templates/hr/applications/add_note.html

@@ -7,6 +7,7 @@
 <table>
 {{ form.as_table }}
 </table>
+{% csrf_token %}
 <input type="submit" value="Apply" />
 </form>
 {% endblock %}

templates/hr/applications/reject.html

@@ -8,6 +8,7 @@
 <table>
 {{ form.as_table }}
 </table>
+{% csrf_token %}
 <input type="submit" value="Apply" />
 </form>
 {% endblock %}

templates/hr/recommendations/add.html

@@ -11,6 +11,7 @@ The person you are recommending needs to have created their application before y
 <table>
 {{ form.as_table }}
 </table>
+{% csrf_token %}
 <input type="submit" value="Add Recommendation" />
 </form>
 {% endblock %}

templates/piston/authorize_token.html

@@ -12,6 +12,7 @@
       <table>
       {{ form.as_table }}
       </table>
+      {% csrf_token %}
       <button type="submit">Confirm</button>
     </form>
 

templates/registration/login.html

@@ -24,6 +24,7 @@
 <tr><td>{{ form.password.label_tag }}</td><td>{{ form.password }}</td></tr>
 </table>
 <br />
+{% csrf_token %}
 <input type="submit" value="login" />
 <input type="hidden" name="next" value="{{ next }}" />
 </form>

templates/registration/registration_form.html

@@ -11,6 +11,7 @@
 <form method="post" action=".">
     <table>
       {{ form }}
+      {% csrf_token %}
     </table>
     <br />
     <input type="submit" value="{% trans "Create Account" %}" />

templates/sso/apipassword.html

@@ -12,6 +12,7 @@ password below.</p>
 {{ form.as_table }}
 </table>
 <br />
+{% csrf_token %}
 <input type="submit" value="Reset Account" />
 </form>
 

templates/sso/eveapi.html

@@ -12,6 +12,7 @@ page</a> and a optional description.</p>
 {{ form.as_table }}
 </table>
 <br />
+{% csrf_token %}
 <input type="submit" value="Add Key" />
 </form>
 <p>Once you have added your EVE API key, don't forget to apply in game, as well as add an application through our

templates/sso/redditaccount.html

@@ -11,6 +11,7 @@ on from time to time</p>
 <table>
 {{ form.as_table }}
 </table>
+{% csrf_token %}
 <br />
 <input type="submit" value="Add Account" />
 </form>

templates/sso/serviceaccount/deleteconfirm.html

@@ -9,6 +9,7 @@ create a new account until fixed by a Sysop. If you are having issues logging in
 <p>If you are sure, then please click confirm</p>
 
 <form action="{% url sso.views.service_del acc.id %}" method="post">
+{% csrf_token %}
 <input name="confirm-delete" type="hidden" value="1"/>
 <input type="submit" value="Confirm Delete" />
 </form>

templates/sso/serviceaccount/index.html

@@ -19,6 +19,7 @@ up to date, if so use the "Refresh" function.</p>
 </table>
 <br />
 <input type="submit" value="Create Account" />
+{% csrf_token %}
 </form>
 <br/>
 {% endblock %}

templates/sso/serviceaccount/reset.html

@@ -11,6 +11,7 @@ below.</p>
 <table>
 {{ form.as_table }}
 </table>
+{% csrf_token %}
 <input type="submit" value="Reset Account" />
 </form>