From a6aa75fc6f96527f01e8b4f0da414d9fa8ad8ce1 Mon Sep 17 00:00:00 2001
From: Reed Loden <reed@reedloden.com>
Date: Tue, 13 Dec 2011 14:30:07 -0800
Subject: Bug 705474 - CSRF vulnerability in createaccount.cgi allows possible
 unauthorized account creation e-mail request [r=mkanat a=mkanat]

---
 template/en/default/account/create.html.tmpl | 1 +
 1 file changed, 1 insertion(+)

(limited to 'template/en')

diff --git a/template/en/default/account/create.html.tmpl b/template/en/default/account/create.html.tmpl
index 5b8220193..5acd9f541 100644
--- a/template/en/default/account/create.html.tmpl
+++ b/template/en/default/account/create.html.tmpl
@@ -73,6 +73,7 @@
     </tr>
   </table>
   <br>
+  <input type="hidden" id="token" name="token" value="[% issue_hash_token(['create_account']) FILTER html %]">
   <input type="submit" id="send" value="Send">
 </form>
 
-- 
cgit v1.2.3-24-g4f1b