diff --git a/jupyterhub_announcement/announcement.py b/jupyterhub_announcement/announcement.py index 12d3010..add135b 100644 --- a/jupyterhub_announcement/announcement.py +++ b/jupyterhub_announcement/announcement.py @@ -149,6 +149,7 @@ def initialize(self, argv=None): "static_path": os.path.join(self.data_files_path, "static"), "static_url_prefix": url_path_join(self.service_prefix, "static/"), "log": self.log, + "xsrf_cookies": True, } self.app = web.Application( diff --git a/jupyterhub_announcement/handlers.py b/jupyterhub_announcement/handlers.py index 79a2b62..d1834cf 100644 --- a/jupyterhub_announcement/handlers.py +++ b/jupyterhub_announcement/handlers.py @@ -46,6 +46,7 @@ def get(self): base_url=prefix, no_spawner_check=True, parsed_scopes=user.get("hub_scopes") or [], + xsrf_form_html=self.xsrf_form_html, ) ) diff --git a/setup.py b/setup.py index 32bf0a8..eb6ee1d 100644 --- a/setup.py +++ b/setup.py @@ -16,5 +16,5 @@ name="jupyterhub-announcement", packages=["jupyterhub_announcement"], url="https://github.com/rcthomas/jupyterhub-announcement", - version="1.0.0.dev", + version="0.9.2.dev", ) diff --git a/templates/index.html b/templates/index.html index 9799103..d23319c 100644 --- a/templates/index.html +++ b/templates/index.html @@ -15,6 +15,7 @@ {% if user.admin %}
+ {{ xsrf_form_html() | safe }}