Added new modules to help prevent Cross Site Request Forgery

[sdnc/oam.git] / admportal / views / partials / vnf_profile.ejs

diff --git a/admportal/views/partials/vnf_profile.ejs b/admportal/views/partials/vnf_profile.ejs
index d67cf1a..f513219 100644 (file)
--- a/admportal/views/partials/vnf_profile.ejs
+++ b/admportal/views/partials/vnf_profile.ejs
@@ -21,9 +21,10 @@
                 <input type="text" class="form-control" name="nf_equipment_role" id="nf_equipment_role" maxlength="11" placeholder="varchar(80)">
               </div>
               <div class="form-group">
-                               <input type="hidden" name="nf_action" id="nf_action">
-                               <button type="button" class="btn btn-primary" onclick="addVnfProfile(this.form);">Submit</button>
-                               <button type="button" class="btn btn-default" data-dismiss="modal">Cancel</button>
+                                                               <input type="hidden" name="nf_action" id="nf_action">
+                                                               <input type="hidden" name="_csrf" value="<%= privilege.csrfToken %>" />
+                                                               <button type="button" class="btn btn-primary" onclick="addVnfProfile(this.form);">Submit</button>
+                                                               <button type="button" class="btn btn-default" data-dismiss="modal">Cancel</button>
               </div>
            </form>
           </div>