fixed all POST routes to use new csrf middleware

2025-10-31 19:15:58 +01:00 · 2014-09-17 16:07:26 -04:00
parent 4f6b3055ff
commit a061079995
10 changed files with 30 additions and 22 deletions
--- a/src/controllers/topics.js
+++ b/src/controllers/topics.js
@@ -196,6 +196,7 @@ topicsController.get = function(req, res, next) {
 		data['reputation:disabled'] = parseInt(meta.config['reputation:disabled'], 10) === 1;
 		data['downvote:disabled'] = parseInt(meta.config['downvote:disabled'], 10) === 1;
 		data['feeds:disableRSS'] = parseInt(meta.config['feeds:disableRSS'], 10) === 1;
+		data.csrf = req.csrfToken();

 		var topic_url = tid + (req.params.slug ? '/' + req.params.slug : '');
 		var queryString = qs.stringify(req.query);