mirror of
https://gitea.invidious.io/iv-org/invidious-copy-2022-08-14.git
synced 2024-08-15 00:53:20 +00:00
70cbe91776
So attacks such as XSS (see [0]) will no longer be of an issue. [0]: https://github.com/omarroth/invidious/issues/1022
46 lines
1.8 KiB
Text
46 lines
1.8 KiB
Text
<% content_for "header" do %>
|
|
<title><%= translate(locale, "Token manager") %> - Invidious</title>
|
|
<% end %>
|
|
|
|
<div class="pure-g h-box">
|
|
<div class="pure-u-1-3">
|
|
<h3>
|
|
<%= translate(locale, "`x` tokens", %(<span id="count">#{tokens.size}</span>)) %>
|
|
</h3>
|
|
</div>
|
|
<div class="pure-u-1-3"></div>
|
|
<div class="pure-u-1-3" style="text-align:right">
|
|
<h3>
|
|
<a href="/preferences?referer=<%= URI.encode_www_form(referer) %>"><%= translate(locale, "Preferences") %></a>
|
|
</h3>
|
|
</div>
|
|
</div>
|
|
|
|
<% tokens.each do |token| %>
|
|
<div class="h-box">
|
|
<div class="pure-g<% if token[:session] == sid %> deleted <% end %>">
|
|
<div class="pure-u-3-5">
|
|
<h4 style="padding-left:0.5em">
|
|
<code><%= token[:session] %></code>
|
|
</h4>
|
|
</div>
|
|
<div class="pure-u-1-5" style="text-align:center">
|
|
<h4><%= translate(locale, "`x` ago", recode_date(token[:issued], locale)) %></h4>
|
|
</div>
|
|
<div class="pure-u-1-5" style="text-align:right">
|
|
<h3 style="padding-right:0.5em">
|
|
<form data-onsubmit="return_false" action="/token_ajax?action_revoke_token=1&session=<%= token[:session] %>&referer=<%= env.get("current_page") %>" method="post">
|
|
<input type="hidden" name="csrf_token" value="<%= URI.encode_www_form(env.get?("csrf_token").try &.as(String) || "") %>">
|
|
<a data-onclick="revoke_token" data-session="<%= token[:session] %>" href="#">
|
|
<input style="all:unset" type="submit" value="<%= translate(locale, "revoke") %>">
|
|
</a>
|
|
</form>
|
|
</h3>
|
|
</div>
|
|
</div>
|
|
|
|
<% if tokens[-1].try &.[:session]? != token[:session] %>
|
|
<hr>
|
|
<% end %>
|
|
</div>
|
|
<% end %>
|