Bug 593138: When confirming a CSRF violation (the confirm-action page),

include an HTML comment describing the exact violation that occurred, so that screen-scrapers can know what violation they hit. r=mkanat, a=mkanat

Bug 593138: When confirming a CSRF violation (the confirm-action page),
3857fbed · Max Kanat-Alexander · 4b2ebcb3 · 3857fbed
Commit 3857fbed authored Oct 22, 2010 by Max Kanat-Alexander
Hide whitespace changes
Inline Side-by-side

Showing with 1 addition and 0 deletions

confirm-action.html.tmpl template/en/default/global/confirm-action.html.tmpl +1 -0

No files found.
--- a/template/en/default/global/confirm-action.html.tmpl
+++ b/template/en/default/global/confirm-action.html.tmpl
@@ -27,6 +27,7 @@
                                   style_urls = ['skins/standard/global.css'] %]

 <div class="throw_error">
+<!--reason=[%reason FILTER html %]-->
  [% IF reason == "expired_token" %]
    Your changes have been rejected because you exceeded the time limit
    of [% constants.MAX_TOKEN_AGE FILTER html %] days before submitting your