fix: Add link to hard reload a form that has been tampered with

The content displayed on the error page when a form has been tampered with currently instructs the user to reload the page. However, with a number of modern browsers this will use the original request method, in this case a `POST`, which will cause the error to continue to appear. This change adds a link to the instruction that will force the browser to reload this page with a `GET` which will regenerate the CSRF token and prevent the error from re-appearing.
ministryofjustice · Oct 30, 2020 · 4dbcca7 · 4dbcca7
1 parent 0dca482
commit 4dbcca7
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/locales/en/errors.json b/locales/en/errors.json
@@ -25,7 +25,7 @@
   },
   "tampered_with": {
     "heading": "This form has been tampered with",
-    "content": "Try to reload the page and submit the form again in a few moments."
+    "content": "Try to <a href=\"\">reload the page</a> and submit the form again in a few moments."
   },
   "csrf_error": {
     "heading": "$t(errors::tampered_with.heading)",