Fix missing CSRF tokens in all delete forms
- Added @Html.AntiForgeryToken() to Products delete form - Added @Html.AntiForgeryToken() to Categories delete form - Added @Html.AntiForgeryToken() to Users delete form - Added @Html.AntiForgeryToken() to ShippingRates delete form - Added @Html.AntiForgeryToken() to Product Variations delete form This fixes the 400 Bad Request errors when trying to delete items
This commit is contained in:
@@ -68,8 +68,9 @@
|
||||
</a>
|
||||
@if (user.Username != "admin")
|
||||
{
|
||||
<form method="post" action="@Url.Action("Delete", new { id = user.Id })" class="d-inline"
|
||||
<form method="post" action="@Url.Action("Delete", new { id = user.Id })" class="d-inline"
|
||||
onsubmit="return confirm('Are you sure you want to delete this user?')">
|
||||
@Html.AntiForgeryToken()
|
||||
<button type="submit" class="btn btn-outline-danger">
|
||||
<i class="fas fa-trash"></i>
|
||||
</button>
|
||||
|
||||
Reference in New Issue
Block a user