commit af76e65b574fe60be0002c34730945ee761ed17c
parent bdd57206bc58ece389d94dc8c203bcf540678033
Author: Oshgnacknak <osh@oshgnacknak.de>
Date: Wed, 4 Sep 2019 13:48:54 +0200
remove csrf
Diffstat:
2 files changed, 4 insertions(+), 4 deletions(-)
diff --git a/smtl/app.py b/smtl/app.py
@@ -8,13 +8,11 @@ from datetime import date
current_year = date.today().year
cache = Cache(config={'CACHE_TYPE': 'null' if run_config.get('DEBUG', False) else 'simple'})
-csrf = CSRFProtect()
app = Flask(__name__)
app.config.from_object(__name__)
app.config['SQLALCHEMY_TRACK_MODIFICATIONS'] = False
app.config.update(app_config)
-csrf.init_app(app)
cache.init_app(app)
db = SQLAlchemy(app)
diff --git a/smtl/templates/signup_form.html b/smtl/templates/signup_form.html
@@ -3,7 +3,10 @@
<p>
Sie werden per EMail informiert sobald ihre Anmeldung bearbeitet wurde.
</p>
- <form id="signup_form" method="POST">
+ <noscript>
+ <h2>Bitte aktivieren sie JavaScript.</h2>
+ </noscript>
+ <form id="signup_form" method="POST" action="/api/add_player">
<table>
{% for field in [form.name, form.gender, form.birth_year, form.club, form.dwz, form.email] %}
<tr>
@@ -14,7 +17,6 @@
<tr>
<td>
<input type="submit" value="Teilnehmen">
- <input type="hidden" name="csrf_token" value="{{ csrf_token() }}" />
</td>
<td><input type="reset" value="Löschen"></td>
</tr>