Added new modules to help prevent Cross Site Request Forgery

[sdnc/oam.git] / admportal / views / partials / update_parameter.ejs

diff --git a/admportal/views/partials/update_parameter.ejs b/admportal/views/partials/update_parameter.ejs
index c0ef57d..257f657 100644 (file)
--- a/admportal/views/partials/update_parameter.ejs
+++ b/admportal/views/partials/update_parameter.ejs
@@ -25,6 +25,7 @@
                 <input maxlength="128" type="text" class="form-control" name="uf_memo" id="uf_memo" placeholder="varchar(128)">
               </div>
                          <div class="form-group">
+                                       <input type="hidden" name="_csrf" value="<%= privilege.csrfToken %>" />
                   <input type="hidden" name="nf_action" id="nf_action">
                   <input type="hidden" name="uf_key_name" id="uf_key_name">
                   <button type="button" class="btn btn-primary" onclick="submitParam(this.form);">Submit</button>