Fix EZP-24476: Refactor CSRF token generation in Security login form

> https://jira.ez.no/browse/EZP-24476 Ref ezsystems/ezpublish-kernel#1318
ezpublishlegacy · Jun 25, 2015 · 3b10ace · 3b10ace
1 parent 44c0cde
commit 3b10ace
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 1 deletion.
diff --git a/Resources/views/Security/login.html.twig b/Resources/views/Security/login.html.twig
@@ -27,7 +27,7 @@
                     </div>
 
                     <div class="buttonblock">
-                        <input type="hidden" name="_csrf_token" value="{{ csrf_token }}" />
+                        <input type="hidden" name="_csrf_token" value="{{ csrf_token("authenticate") }}" />
                         <input class="defaultbutton" type="submit" name="LoginButton" value="{{ "Login"|trans }}" />
                     </div>
 

diff --git a/Resources/views/page_header_links.html.twig b/Resources/views/page_header_links.html.twig
@@ -34,6 +34,7 @@
                 </div>
             </fieldset>
             <input type="hidden" name="_target_path" value="" />
+            <input type="hidden" name="_csrf_token" value="{{ csrf_token("authenticate") }}" />
         </form>
     </li>
 {% endif %}