diff options
| author | r <r@freesoftwareextremist.com> | 2021-01-17 05:44:07 +0000 |
|---|---|---|
| committer | r <r@freesoftwareextremist.com> | 2021-01-17 05:44:07 +0000 |
| commit | f4620a8c69a71a4e99ed4e51346ec630f7c3aee2 (patch) | |
| tree | 9066b66db1f573d3016c1d960cf686690c78736b /templates | |
| parent | e8bfd3093b0bf16c2ce56b3905ea640aa26d0127 (diff) | |
| download | bloat-f4620a8c69a71a4e99ed4e51346ec630f7c3aee2.tar.gz bloat-f4620a8c69a71a4e99ed4e51346ec630f7c3aee2.zip | |
Make redirection work without Referer header
Diffstat (limited to 'templates')
| -rw-r--r-- | templates/nav.tmpl | 1 | ||||
| -rw-r--r-- | templates/notification.tmpl | 3 | ||||
| -rw-r--r-- | templates/postform.tmpl | 1 | ||||
| -rw-r--r-- | templates/requestlist.tmpl | 2 | ||||
| -rw-r--r-- | templates/settings.tmpl | 1 | ||||
| -rw-r--r-- | templates/status.tmpl | 8 | ||||
| -rw-r--r-- | templates/user.tmpl | 11 |
7 files changed, 27 insertions, 0 deletions
diff --git a/templates/nav.tmpl b/templates/nav.tmpl index 97898c8..fdff885 100644 --- a/templates/nav.tmpl +++ b/templates/nav.tmpl @@ -25,6 +25,7 @@ <a class="nav-link" href="/settings" target="_top" accesskey="7" title="Settings (7)">settings</a> <form class="signout" action="/signout" method="post" target="_top"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="signout" class="btn-link nav-link" accesskey="8" title="Signout (8)"> </form> </div> diff --git a/templates/notification.tmpl b/templates/notification.tmpl index 567bcf0..4eed61b 100644 --- a/templates/notification.tmpl +++ b/templates/notification.tmpl @@ -11,6 +11,7 @@ {{if .ReadID}} <form class="notification-read" action="/notifications/read?max_id={{.ReadID}}" method="post" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="read" class="btn-link" accesskey="C" title="Clear unread notifications (C)"> </form> {{end}} @@ -57,11 +58,13 @@ </div> <form class="d-inline" action="/accept/{{.Account.ID}}" method="post" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="accept" class="btn-link"> </form> - <form class="d-inline" action="/reject/{{.Account.ID}}" method="post" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="reject" class="btn-link"> </form> </div> diff --git a/templates/postform.tmpl b/templates/postform.tmpl index f00c300..b81126c 100644 --- a/templates/postform.tmpl +++ b/templates/postform.tmpl @@ -1,6 +1,7 @@ {{with .Data}} <form class="post-form" action="/post" method="POST" enctype="multipart/form-data" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> {{if .ReplyContext}} <input type="hidden" name="reply_to_id" value="{{.ReplyContext.InReplyToID}}" /> <label for="post-content" class="post-form-title"> Reply to {{.ReplyContext.InReplyToName}} </label> diff --git a/templates/requestlist.tmpl b/templates/requestlist.tmpl index 232b56d..eec75f2 100644 --- a/templates/requestlist.tmpl +++ b/templates/requestlist.tmpl @@ -16,11 +16,13 @@ </div> <form class="d-inline" action="/accept/{{.ID}}" method="post" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="accept" class="btn-link"> </form> - <form class="d-inline" action="/reject/{{.ID}}" method="post" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="reject" class="btn-link"> </form> </div> diff --git a/templates/settings.tmpl b/templates/settings.tmpl index baeb64d..4a72b6a 100644 --- a/templates/settings.tmpl +++ b/templates/settings.tmpl @@ -4,6 +4,7 @@ <form id="settings-form" action="/settings" method="POST"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <div class="settings-form-field"> <label for="visibility"> Default format </label> {{$defFormat := .Settings.DefaultFormat}} diff --git a/templates/status.tmpl b/templates/status.tmpl index a46129f..a1e2d9f 100644 --- a/templates/status.tmpl +++ b/templates/status.tmpl @@ -38,23 +38,27 @@ {{if .Muted}} <form action="/unmuteconv/{{.ID}}" method="post" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="unmute" class="btn-link more-link"> </form> {{else}} <form action="/muteconv/{{.ID}}" method="post" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="mute" class="btn-link more-link"> </form> {{end}} {{if .Bookmarked}} <form action="/unbookmark/{{.ID}}" method="post" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="hidden" name="retweeted_by_id" value="{{.RetweetedByID}}"> <input type="submit" value="unbookmark" class="btn-link more-link"> </form> {{else}} <form action="/bookmark/{{.ID}}" method="post" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="hidden" name="retweeted_by_id" value="{{.RetweetedByID}}"> <input type="submit" value="bookmark" class="btn-link more-link"> </form> @@ -62,6 +66,7 @@ {{if eq $.Ctx.UserID .Account.ID}} <form action="/delete/{{.ID}}" method="post" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="delete" class="btn-link more-link"> </form> {{end}} @@ -143,6 +148,7 @@ {{if .Poll}} <form class="poll-form" action="/vote/{{.Poll.ID}}" method="POST" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="hidden" name="status_id" value="{{$s.ID}}"> {{range $i, $o := .Poll.Options}} <div class="poll-option"> @@ -195,6 +201,7 @@ {{$rt := "retweet"}} {{if .Reblogged}} {{$rt = "unretweet"}} {{end}} <form class="status-retweet" data-action="{{$rt}}" action="/{{$rt}}/{{.ID}}" method="post" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="hidden" name="retweeted_by_id" value="{{.RetweetedByID}}"> <input type="submit" value="{{$rt}}" class="btn-link"> <a class="status-retweet-count" href="/retweetedby/{{.ID}}" title="click to see the the list"> @@ -209,6 +216,7 @@ {{$like := "like"}} {{if .Favourited}} {{$like = "unlike"}} {{end}} <form class="status-like" data-action="{{$like}}" action="/{{$like}}/{{.ID}}" method="post" target="_self"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="hidden" name="retweeted_by_id" value="{{.RetweetedByID}}"> <input type="submit" value="{{$like}}" class="btn-link"> <a class="status-like-count" href="/likedby/{{.ID}}" title="click to see the the list"> diff --git a/templates/user.tmpl b/templates/user.tmpl index 5ef411a..af6a8d1 100644 --- a/templates/user.tmpl +++ b/templates/user.tmpl @@ -23,11 +23,13 @@ {{if .User.Pleroma.Relationship.Following}} <form class="d-inline" action="/unfollow/{{.User.ID}}" method="post"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="unfollow" class="btn-link"> </form> {{else}} <form class="d-inline" action="/follow/{{.User.ID}}" method="post"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="{{if .User.Pleroma.Relationship.Requested}}resend request{{else}}follow{{end}}" class="btn-link"> </form> {{end}} @@ -35,6 +37,7 @@ - <form class="d-inline" action="/unfollow/{{.User.ID}}" method="post"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="cancel request" class="btn-link"> </form> {{end}} @@ -42,11 +45,13 @@ {{if .User.Pleroma.Relationship.Subscribing}} <form class="d-inline" action="/unsubscribe/{{.User.ID}}" method="post"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="unsubscribe" class="btn-link"> </form> {{else}} <form class="d-inline" action="/subscribe/{{.User.ID}}" method="post"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="subscribe" class="btn-link"> </form> {{end}} @@ -55,11 +60,13 @@ {{if .User.Pleroma.Relationship.Blocking}} <form class="d-inline" action="/unblock/{{.User.ID}}" method="post"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="unblock" class="btn-link"> </form> {{else}} <form class="d-inline" action="/block/{{.User.ID}}" method="post"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="block" class="btn-link"> </form> {{end}} @@ -67,11 +74,13 @@ {{if .User.Pleroma.Relationship.Muting}} <form class="d-inline" action="/unmute/{{.User.ID}}" method="post"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="unmute" class="btn-link"> </form> {{else}} <form class="d-inline" action="/mute/{{.User.ID}}" method="post"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="mute" class="btn-link"> </form> {{end}} @@ -80,11 +89,13 @@ {{if .User.Pleroma.Relationship.ShowingReblogs}} <form class="d-inline" action="/follow/{{.User.ID}}?reblogs=false" method="post"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="hide retweets" class="btn-link"> </form> {{else}} <form class="d-inline" action="/follow/{{.User.ID}}" method="post"> <input type="hidden" name="csrf_token" value="{{$.Ctx.CSRFToken}}"> + <input type="hidden" name="referrer" value="{{$.Ctx.Referrer}}"> <input type="submit" value="show retweets" class="btn-link"> </form> {{end}} |