summaryrefslogtreecommitdiffstats
path: root/template/en/default/search/search-advanced.html.tmpl
diff options
context:
space:
mode:
authorSimon Bennetts <psiinon@gmail.com>2018-04-04 19:21:33 +0200
committerIsrael Madueme <purelogiq@gmail.com>2018-04-04 19:21:33 +0200
commitfe259aba572e08df22557251ca9279f512f6862c (patch)
tree5f6428a14dd727c0c3136352413a0a28718f8cda /template/en/default/search/search-advanced.html.tmpl
parent3d6e2fb15c254d2d8fe75dc0307a4b0fd3e62865 (diff)
downloadbugzilla-fe259aba572e08df22557251ca9279f512f6862c.tar.gz
bugzilla-fe259aba572e08df22557251ca9279f512f6862c.tar.xz
Bug 1446431 - Allow Baseline scan to ignore forms that dont need CSRF Tokens
The data-no-csrf attribute is used to signify that a form is 'safe' (ie doesn't actually make any permanent changes) and so doesn't need an anti-csrf token.
Diffstat (limited to 'template/en/default/search/search-advanced.html.tmpl')
-rw-r--r--template/en/default/search/search-advanced.html.tmpl2
1 files changed, 1 insertions, 1 deletions
diff --git a/template/en/default/search/search-advanced.html.tmpl b/template/en/default/search/search-advanced.html.tmpl
index 60f47a916..b51906774 100644
--- a/template/en/default/search/search-advanced.html.tmpl
+++ b/template/en/default/search/search-advanced.html.tmpl
@@ -60,7 +60,7 @@ function remove_token() {
<p id="search_help">Hover your mouse over each field label to get help for that field.</p>
<form method="post" action="buglist.cgi" name="queryform" id="queryform"
- onsubmit="remove_token()">
+ onsubmit="remove_token()" data-no-csrf>
[% PROCESS search/form.html.tmpl %]