u/pc/rhodecode-enterprise-ce-fork-pc Commit - r2088:4558ec55

1890

return wh_form(url, method=method, **attrs)

1890

return wh_form(url, method=method, **attrs)

1891

1892

1893

def secure_form(url, method="POST", multipart=False, **attrs):

1893

def secure_form(form_url, method="POST", multipart=False, **attrs):

1894

"""Start a form tag that points the action to an url. This

1894

"""Start a form tag that points the action to an url. This

1895

form tag will also include the hidden field containing

1895

form tag will also include the hidden field containing

1896

the auth token.

1896

the auth token.

1910

1911

"""

1911

"""

1912

from webhelpers.pylonslib.secure_form import insecure_form

1912

from webhelpers.pylonslib.secure_form import insecure_form

1913

form = insecure_form(url, method, multipart, **attrs)

1914

1913

1915

session = None

1914

session = None

1915

1916

# TODO(marcink): after pyramid migration require request variable ALWAYS

1916

# TODO(marcink): after pyramid migration require request variable ALWAYS

1917

if 'request' in attrs:

1917

if 'request' in attrs:

1918

session = attrs['request'].session

1918

session = attrs['request'].session

1919

del attrs['request']

1919

1920

1921

form = insecure_form(form_url, method, multipart, **attrs)

1920

token = literal(

1922

token = literal(

1921

'<input type="hidden" id="{}" name="{}" value="{}">'.format(

1923

'<input type="hidden" id="{}" name="{}" value="{}">'.format(

1922

csrf_token_key, csrf_token_key, get_csrf_token(session)))

1924

csrf_token_key, csrf_token_key, get_csrf_token(session)))

	Site-wide shortcuts
/	Use quick search box
g h	Goto home page
g g	Goto my private gists page
g G	Goto my public gists page
g 0-9	Goto bookmarked items from 0-9
n r	New repository page
n g	New gist page

	Repositories
g s	Goto summary page
g c	Goto changelog page
g f	Goto files page
g F	Goto files page with file search activated
g p	Goto pull requests page
g o	Goto repository settings
g O	Goto repository access permissions settings
t s	Toggle sidebar on some pages

                 return wh_form(url, method=method, **attrs)
-            def secure_form(url, method="POST", multipart=False, **attrs):
+            def secure_form(form_url, method="POST", multipart=False, **attrs):
                 """Start a form tag that points the action to an url. This
                 form tag will also include the hidden field containing
                 the auth token.
                 """
                 from webhelpers.pylonslib.secure_form import insecure_form
-                form = insecure_form(url, method, multipart, **attrs)
                 session = None
                 # TODO(marcink): after pyramid migration require request variable ALWAYS
                 if 'request' in attrs:
                     session = attrs['request'].session
+                    del attrs['request']
+                form = insecure_form(form_url, method, multipart, **attrs)
                 token = literal(
                     '<input type="hidden" id="{}" name="{}" value="{}">'.format(
                     csrf_token_key, csrf_token_key, get_csrf_token(session)))