HTML: Replace hidden 'action' input with query parameter

The server side can only handle parameters passed as URL query parameters and not inside the request body
iv-org · Oct 29, 2024 · b0c7dd9 · b0c7dd9
1 parent dbdf2ad
commit b0c7dd9
Showing 1 changed file with 1 addition and 2 deletions.
diff --git a/src/invidious/views/watch.ecr b/src/invidious/views/watch.ecr
@@ -158,7 +158,7 @@ we're going to need to do it here in order to allow for translations.
             <% if user %>
                 <% playlists = Invidious::Database::Playlists.select_user_created_playlists(user.email) %>
                 <% if !playlists.empty? %>
-                    <form data-onsubmit="return_false" class="pure-form pure-form-stacked" action="/playlist_ajax" method="post" target="_blank">
+                    <form data-onsubmit="return_false" class="pure-form pure-form-stacked" action="/playlist_ajax?action=add_video" method="post" target="_blank">
                         <div class="pure-control-group">
                             <label for="playlist_id"><%= translate(locale, "Add to playlist: ") %></label>
                             <select style="width:100%" name="playlist_id" id="playlist_id">
@@ -169,7 +169,6 @@ we're going to need to do it here in order to allow for translations.
                         </div>
 
                         <input type="hidden" name="csrf_token" value="<%= URI.encode_www_form(env.get?("csrf_token").try &.as(String) || "") %>">
-                        <input type="hidden" name="action" value="add_video">
                         <input type="hidden" name="video_id" value="<%= video.id %>">
                         <button data-onclick="add_playlist_video" data-id="<%= video.id %>" type="submit" class="pure-button pure-button-primary">
                             <b><%= translate(locale, "Add to playlist") %></b>