fix csrf value rendering

bf554b1d · Paul Brown · 10b2f19a · bf554b1d · bf554b1d · bf554b1d
Commit bf554b1d authored Jan 19, 2015 by Paul Brown
Showing with 3 additions and 3 deletions

list.html flask_admin/templates/bootstrap2/admin/model/list.html +1 -1

list.html flask_admin/templates/bootstrap3/admin/model/list.html +1 -1

test_model.py flask_admin/tests/test_model.py +1 -1

No files found.
--- a/flask_admin/templates/bootstrap2/admin/model/list.html
+++ b/flask_admin/templates/bootstrap2/admin/model/list.html
@@ -111,7 +111,7 @@
                            <input type="hidden" name="id" value="{{ get_pk_value(row) }}"/>
                            <input type="hidden" name="url" value="{{ return_url }}"/>
                            {% if delete_form.csrf_token %}
-                            <input type="hidden" name="csrf_token" value="{{ delete_form.csrf_token() }}"/>
+                            <input name="csrf_token" type="hidden" value="{{ delete_form.csrf_token._value() }}"/>
                            {% endif %}
                            <button onclick="return confirm('{{ _gettext('Are you sure you want to delete this record?') }}');" title="{{ _gettext('Delete record') }}">
                                <i class="icon-trash"></i>

--- a/flask_admin/templates/bootstrap3/admin/model/list.html
+++ b/flask_admin/templates/bootstrap3/admin/model/list.html
@@ -111,7 +111,7 @@
                            <input type="hidden" name="id" value="{{ get_pk_value(row) }}"/>
                            <input type="hidden" name="url" value="{{ return_url }}"/>
                            {% if delete_form.csrf_token %}
-                            <input type="hidden" name="csrf_token" value="{{ delete_form.csrf_token() }}"/>
+                            <input name="csrf_token" type="hidden" value="{{ delete_form.csrf_token() }}"/>
                            {% endif %}
                            <button onclick="return confirm('{{ _gettext('Are you sure you want to delete this record?') }}');" title="Delete record">
                                <span class="glyphicon glyphicon-trash"></span>

--- a/flask_admin/tests/test_model.py
+++ b/flask_admin/tests/test_model.py
@@ -366,7 +366,7 @@ def test_csrf():
    def get_csrf_token(data):
        data = data.split('name="csrf_token" type="hidden" value="')[1]
-        token = data.split('">')[0]
+        token = data.split('"')[0]
        return token
    app, admin = setup()