Video formats work now and CSRF protection is activ

2024-06-19 15:12:11 +02:00
parent 46a8b2244f
commit 78e313ad29
7 changed files with 77 additions and 28 deletions
--- a/slaeforms/templates/standard_template.html
+++ b/slaeforms/templates/standard_template.html
@@ -3,16 +3,16 @@
 {% macro single_video(video_url, embed="yt", title="",width="560", height="315", class="center", code="<p>No code given
 </p>") -%}
 {% if (embed == "yt") %}
-<div class={{center}}>
+
    {% if (title != "") %}
    <h3>{{title}}</h3>
    {% endif %}
-    <div class="video-container">
+    <div class="iframe-container">
        <iframe class="center" src="{{ video_url }}" title="YouTube video player" frameborder="0"
            allow="accelerometer; autoplay; clipboard-write; encrypted-media; gyroscope; picture-in-picture; web-share"
            allowfullscreen></iframe>
    </div>
-</div>
+
 {% else %}
 {{code}}
 {% endif %}
@@ -66,6 +66,7 @@ step={{question["step"]}}
        {% endif %}

        <form class="formlayout" id="question_form" action="http://localhost:5000/send_json" method="post">
+            <input type="hidden" name="csrf_token" value="{{ csrf_token() }}"/>
            {% for question in questions %}
            {% if (questions[question]["type"] == "likert") %}
            <div class="likercontainer">
@@ -163,7 +164,7 @@ step={{question["step"]}}
            </div>

            <div class="spacer" aria-hidden="true" style="height:15px"></div>
-            <div id="videoContainer" style="display:none">
+            <div id="videoContainer" style="display:none" class="video-container">
                <video autoplay muted playsinline id="videoDisplay"></video>
            </div>