diff options
author | Rotundo, Al (ar3165) <ar3165@att.com> | 2019-07-31 14:46:56 +0000 |
---|---|---|
committer | Timoney, Dan (dt5972) <dtimoney@att.com> | 2019-07-31 14:31:07 -0400 |
commit | 18dcbec3a5a99a57d0ef43a06a99c2ab17c2eed6 (patch) | |
tree | 39c938d972c6a3fefbb5c8350c2141fb8ee1e5eb /admportal/views/pages/login.ejs | |
parent | 33e9f85700d3ba17f95a69011d2d2932d4b98df0 (diff) |
Added new modules to help prevent Cross Site Request Forgery
Made changes to prevent arbitrary code exection on AdmPortal.
Issue-ID: OJSI-40
Change-Id: I5ec60e2585413f3948c2540bd502dd1393794267
Signed-off-by: Rotundo, Al (ar3165) <ar3165@att.com>
Former-commit-id: 3d54c9ad35ef5e7a4b13948e718a4ad2830cbb04
Diffstat (limited to 'admportal/views/pages/login.ejs')
-rw-r--r-- | admportal/views/pages/login.ejs | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/admportal/views/pages/login.ejs b/admportal/views/pages/login.ejs index 3a3e5e4e..9da2f31d 100644 --- a/admportal/views/pages/login.ejs +++ b/admportal/views/pages/login.ejs @@ -33,6 +33,7 @@ <form class="form-signin" method="POST" action="/formlogin"> <h3 class="form-signin-heading">AdminPortal Login</h3> + <input type="hidden" name="_csrf" value="<%= csrfToken %>" /> <input type="text" name="email" id="email" class="form-control" placeholder="Email" required> <input type="password" name="password" id="password" class="form-control" placeholder="Password" required> |