added XSRF protection to all forms and associated tests

[bluechips.git] / bluechips / templates / user / index.mako

diff --git a/bluechips/templates/user/index.mako b/bluechips/templates/user/index.mako
index c2932525a3bb42aa14f4c77bce41d24e3eff4a2d..af8d3a646df90daff171a620bfd3d5b3094eb355 100644 (file)
--- a/bluechips/templates/user/index.mako
+++ b/bluechips/templates/user/index.mako
@@ -4,6 +4,7 @@
 
 <p>Enter an email address below if you wish to be notified of any updates to transactions involving you. Leave blank to not receive notifications.</p>
 <form action="${h.url_for(controller='user', action='update')}" method="post">
+  ${h.auth_token_hidden_field()}
   <table class="form">
     <tr>
       <th><label for="new_email">Email</label></th>