Added new modules to help prevent Cross Site Request Forgery

[sdnc/oam.git] / admportal / views / mobility / vnfPreloadData.ejs

diff --git a/admportal/views/mobility/vnfPreloadData.ejs b/admportal/views/mobility/vnfPreloadData.ejs
index 69f02e5..4dc7398 100644 (file)
--- a/admportal/views/mobility/vnfPreloadData.ejs
+++ b/admportal/views/mobility/vnfPreloadData.ejs
@@ -110,8 +110,9 @@
     <div class="col-md-8  col-md-push-4">
        <form method="POST" action="/mobility/uploadVnfData" enctype="multipart/form-data">
                <div class="form-group">
+                               <input type="hidden" name="_csrf" value="<%= privilege.csrfToken %>" />
                <label for="dest">Upload pre processed JSON file.</label>
-               <input name="filename" type="file" id="dest">
+               <input name="filename" type="file" id="dest" />
                <p class="help-block">Choose a JSON file to upload.</p>
             <button type="button" class="btn btn-default"
                                data-toggle="tooltip" data-placement="bottom"
@@ -123,8 +124,9 @@
        <div class="col-md-4 col-md-pull-8">
        <form method="POST" action="/preload/uploadVnfCsv" enctype="multipart/form-data">
                <div class="form-group">
+                               <input type="hidden" name="_csrf" value="<%= privilege.csrfToken %>" />
                <label for="dest">Upload Worksheet CSV files from the <%= preloadImportDirectory %> directory.</label>
-               <input name="filename" type="file" id="dest" multiple>
+               <input name="filename" type="file" id="dest" multiple />
                <p class="help-block">Choose Worksheet CSV files to upload.</p>
                        <button type="button" class="btn btn-default" 
                                data-toggle="tooltip" data-placement="bottom"