mirror of
https://github.com/simonw/datasette.git
synced 2026-06-14 04:56:59 +02:00
0b639a8122- New CSRF protection middleware inspired by Go 1.25 and research by Filippo Valsorda - https://words.filippo.io/csrf/ - this replaces the old CSRF token based protection. - Removes all instances of `<input type="hidden" name="csrftoken" value="{{ csrftoken() }}">` in the templates - they are no longer needed. - Removes the `def skip_csrf(datasette, scope):` plugin hook defined in `datasette/hookspecs.py` and its documentation and tests. - Updated CSRF protection documentation to describe the new approach. - Upgrade guide now describes the CSRF change.
17 lines
333 B
HTML
17 lines
333 B
HTML
{% extends "base.html" %}
|
|
|
|
{% block title %}Log out{% endblock %}
|
|
|
|
{% block content %}
|
|
|
|
<h1>Log out</h1>
|
|
|
|
<p>You are logged in as <strong>{{ display_actor(actor) }}</strong></p>
|
|
|
|
<form class="core" action="{{ urls.logout() }}" method="post">
|
|
<div>
|
|
<input type="submit" value="Log out">
|
|
</div>
|
|
</form>
|
|
|
|
{% endblock %}
|