Some security against XSRF-attacks

[friendica.git] / view / settings_oauth.tpl

diff --git a/view/settings_oauth.tpl b/view/settings_oauth.tpl
index 0de0dbe98ac19937e870f7858064c8b61721b5db..da1398ab9656eb694b3f352ec8b37b6a58a03560 100755 (executable)
--- a/view/settings_oauth.tpl
+++ b/view/settings_oauth.tpl
@@ -4,7 +4,8 @@ $tabs
 
 
 <form action="settings/oauth" method="post" autocomplete="off">
-       
+<input type='hidden' name='form_security_token' value='$form_security_token'>
+
        <div id="profile-edit-links">
                <ul>
                        <li>
@@ -24,7 +25,7 @@ $tabs
                {{ endif }}
                {{ if $app.my }}
                <a href="$baseurl/settings/oauth/edit/$app.client_id" class="icon s22 edit" title="$edit">&nbsp;</a>
-               <a href="$baseurl/settings/oauth/delete/$app.client_id" class="icon s22 delete" title="$delete">&nbsp;</a>
+               <a href="$baseurl/settings/oauth/delete/$app.client_id?t=$form_security_token" class="icon s22 delete" title="$delete">&nbsp;</a>
                {{ endif }}             
        </div>
        {{ endfor }}