Skip to content

Commit

Permalink
Fixed CSRF issues in edit operations.
Browse files Browse the repository at this point in the history
  • Loading branch information
@tonioo
tonioo committed Feb 27, 2023
1 parent 9021ac0 commit 5d886f3
Show file tree
Hide file tree
Showing 2 changed files with 2 additions and 0 deletions.
1 change: 1 addition & 0 deletions modoboa/admin/views/domain.py
View file
Expand Up @@ -214,6 +214,7 @@ def newdomain(request):

@login_required
@permission_required("admin.view_domain")
@require_http_methods(["POST"])
@reversion.create_revision()
def editdomain(request, dom_id):
"""Edit domain view."""
Expand Down
1 change: 1 addition & 0 deletions modoboa/admin/views/identity.py
View file
Expand Up @@ -167,6 +167,7 @@ def newaccount(request):

@login_required
@permission_required("core.change_user")
@require_http_methods(["POST"])
@reversion.create_revision()
def editaccount(request, pk):
account = User.objects.get(pk=pk)
Expand Down

0 comments on commit 5d886f3

Please sign in to comment.