From 9d8ae07980bccd58e11acbc82e60b651ed20c181 Mon Sep 17 00:00:00 2001
From: Matthew Somerville <matthew@mysociety.org>
Date: Wed, 15 Jun 2016 20:14:51 +0100
Subject: Improve CSRF tokens and add to more forms.

---
 t/app/controller/auth.t | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 't/app/controller/auth.t')

diff --git a/t/app/controller/auth.t b/t/app/controller/auth.t
index 235a3af7e..9b3d9468a 100644
--- a/t/app/controller/auth.t
+++ b/t/app/controller/auth.t
@@ -128,7 +128,7 @@ $mech->not_logged_in_ok;
     ok my $form = $mech->form_name('change_password'),
       "found change password form";
     is_deeply [ sort grep { $_ } map { $_->name } $form->inputs ],    #
-      [ 'confirm', 'new_password' ],
+      [ 'confirm', 'new_password', 'token' ],
       "check we got expected fields (ie not old_password)";
 
     # check the various ways the form can be wrong
-- 
cgit v1.2.3