use Constants.RequestVerificationToken rather than magic string

2024-03-29 11:19:21 -04:00
parent 26220b2f54
commit 5b3849082f
6 changed files with 9 additions and 9 deletions
--- a/Oqtane.Client/Themes/Controls/Theme/ControlPanel.razor
+++ b/Oqtane.Client/Themes/Controls/Theme/ControlPanel.razor
@ -12,7 +12,7 @@
@if (_showEditMode || (PageState.Page.IsPersonalizable && PageState.User != null && UserSecurity.IsAuthorized(PageState.User, RoleNames.Registered)))
 {
    <form method="post" class="app-form-inline" @formname="EditModeForm" @onsubmit="@(async () => await ToggleEditMode(PageState.EditMode))" data-enhance>
-        <input type="hidden" name="__RequestVerificationToken" value="@SiteState.AntiForgeryToken" />
+        <input type="hidden" name="@Constants.RequestVerificationToken" value="@SiteState.AntiForgeryToken" />
        @if (PageState.EditMode)
        {
            <button type="submit" class="btn @ButtonClass active" aria-pressed="true" autocomplete="off">
--- a/Oqtane.Client/Themes/Controls/Theme/Login.razor
+++ b/Oqtane.Client/Themes/Controls/Theme/Login.razor
@ -16,7 +16,7 @@
            else
            {
                <form method="post" class="app-form-inline" action="@logouturl" @formname="LogoutForm">
-                    <input type="hidden" name="__RequestVerificationToken" value="@SiteState.AntiForgeryToken" />
+                    <input type="hidden" name="@Constants.RequestVerificationToken" value="@SiteState.AntiForgeryToken" />
                    <input type="hidden" name="returnurl" value="@returnurl" />
                    <button type="submit" class="btn btn-primary">@Localizer["Logout"]</button>
                </form>