Fix for security issue #918

Simon Willison 2020-08-09 09:03:17 -07:00
commit 7f10f0f766
2 changed files with 20 additions and 1 deletions


@ -52,7 +52,7 @@
{% endif %}
<p>
<button id="sql-format" type="button" hidden>Format SQL</button>
{% if canned_query %}<input type="hidden" name="csrftoken" value="{{ csrftoken() }}">{% endif %}
{% if canned_write %}<input type="hidden" name="csrftoken" value="{{ csrftoken() }}">{% endif %}
<input type="submit" value="Run SQL">
</p>
</form>
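Review bot: The new `{% if canned_write %}` guard on the hidden `csrftoken` input has no comment explaining why the token must not be rendered for read-only canned queries, so a later edit could widen it back to `canned_query` without noticing the security impact. The opening `<form>` tag is outside this hunk; presumably the form submits via GET unless the query is a write, in which case a hidden field would end up in the query string and from there in browser history, Referer headers and access logs. I would add a template comment directly above the line, such as `{# csrftoken only on POST forms: a GET form would put the token in the URL #}`. It is also worth confirming that this condition is the same one that selects the form's method, so the two cannot drift apart.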