From 125734746e1d48514b2e9affb8dd793d600b7c17 Mon Sep 17 00:00:00 2001 From: David Lawrence Date: Tue, 4 Oct 2016 13:16:48 +0000 Subject: Bug 1306589 - BMO: CSRF vulnerability allows deleting admin queue entries --- .../en/default/pages/push_queues_view.html.tmpl | 30 ++++++++++++++-------- 1 file changed, 19 insertions(+), 11 deletions(-) (limited to 'extensions/Push/template/en/default/pages') diff --git a/extensions/Push/template/en/default/pages/push_queues_view.html.tmpl b/extensions/Push/template/en/default/pages/push_queues_view.html.tmpl index 6330d8ae4..355e6af91 100644 --- a/extensions/Push/template/en/default/pages/push_queues_view.html.tmpl +++ b/extensions/Push/template/en/default/pages/push_queues_view.html.tmpl @@ -14,6 +14,7 @@ [% IF !message_obj %] Return + [% INCLUDE global/footer.html.tmpl %] [% RETURN %] [% END %] @@ -55,6 +56,24 @@ [% END %] + + Actions + +
+ + + + + + +
+
+ + +
+ + + [% IF json %] @@ -64,17 +83,6 @@ [% END %] - - - - Return | - Delete - - - [% INCLUDE global/footer.html.tmpl %] -- cgit v1.2.3-24-g4f1b