diff options
Diffstat (limited to 'public/javascripts/cheat.js')
| -rw-r--r-- | public/javascripts/cheat.js | 6 |
1 files changed, 6 insertions, 0 deletions
diff --git a/public/javascripts/cheat.js b/public/javascripts/cheat.js index 242dd79..c774e9f 100644 --- a/public/javascripts/cheat.js +++ b/public/javascripts/cheat.js | |||
| @@ -20,11 +20,17 @@ new Konami(function () { | |||
| 20 | form.setAttribute('method', 'post'); | 20 | form.setAttribute('method', 'post'); |
| 21 | form.setAttribute('action', '/console'); | 21 | form.setAttribute('action', '/console'); |
| 22 | 22 | ||
| 23 | var csrfToken = document.createElement('input'); | ||
| 24 | csrfToken.setAttribute('type', 'hidden'); | ||
| 25 | csrfToken.setAttribute('name', 'csrfToken'); | ||
| 26 | csrfToken.setAttribute('value', document.body.dataset.token); | ||
| 27 | |||
| 23 | var field = document.createElement('input'); | 28 | var field = document.createElement('input'); |
| 24 | field.setAttribute('type', 'text'); | 29 | field.setAttribute('type', 'text'); |
| 25 | field.setAttribute('name', 'command'); | 30 | field.setAttribute('name', 'command'); |
| 26 | field.setAttribute('autocomplete', 'off'); | 31 | field.setAttribute('autocomplete', 'off'); |
| 27 | 32 | ||
| 33 | form.appendChild(csrfToken); | ||
| 28 | form.appendChild(field); | 34 | form.appendChild(field); |
| 29 | document.getElementsByTagName('body')[0].appendChild(form); | 35 | document.getElementsByTagName('body')[0].appendChild(form); |
| 30 | 36 | ||