filipriec/kompress_eshop
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

custom JS removed in favor of proper CSRF implementation

Browse Source
This commit is contained in:
Priec
2026-06-21 18:22:21 +02:00
parent 86888b3877
commit db6b609937
25 changed files with 94 additions and 72 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
assets/views/macros/ui.html
View File

@@ -29,6 +29,13 @@
outline : outline-primary | outline-secondary | outline-alternate | outline-danger
ghost : ghost-primary | ghost-secondary | ghost-danger #}
{# CSRF hidden field for native (non-htmx) <form method="post"> submits. htmx
requests instead inherit the X-CSRF-Token header from <body hx-headers>.
`csrf_token()` is a global Tera function bound per-request by shared::csrf. #}
{% macro csrf_field() -%}
<input type="hidden" name="_csrf" value="{{ csrf_token() }}">
{%- endmacro %}
{% macro button(label, variant="primary", type="button", href="", attrs="", extra="", icon="", size="px-4 py-2 text-sm") -%}
{%- if variant == "secondary" -%}{% set cls = "border border-secondary bg-secondary text-on-secondary focus-visible:outline-secondary dark:border-secondary-dark dark:bg-secondary-dark dark:text-on-secondary-dark dark:focus-visible:outline-secondary-dark" -%}
{%- elif variant == "danger" -%}{% set cls = "border border-danger bg-danger text-on-danger focus-visible:outline-danger dark:bg-danger dark:border-danger dark:text-on-danger dark:focus-visible:outline-danger" -%}