switch to runFormPostNoToken to work around strange yesod bug
I am not happy about disabling yesod's XSRF tokens, but the webapp has two guards of its own that should suffice: Listening only to localhost (normally) and requiring its own auth token on every single request (always).
This commit is contained in:
parent
ce2f461ec7
commit
267f8b0bb5
11 changed files with 20 additions and 18 deletions
|
@ -265,7 +265,7 @@ data InputSecret = InputSecret { secretText :: Maybe Text }
|
|||
promptSecret :: Maybe PairMsg -> (Text -> Secret -> Widget) -> Handler Html
|
||||
promptSecret msg cont = pairPage $ do
|
||||
((result, form), enctype) <- liftH $
|
||||
runFormPost $ renderBootstrap $
|
||||
runFormPostNoToken $ renderBootstrap $
|
||||
InputSecret <$> aopt textField "Secret phrase" Nothing
|
||||
case result of
|
||||
FormSuccess v -> do
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue