Fix more CSRFs (#8035)

Follow-up of #8000 Some were still missed in `feedController`. even had comments but no check: https://github.com/FreshRSS/FreshRSS/blob/0d463b67bdade2e896b7fa74595950eeaadd55fe/app/Controllers/feedController.php#L1053-L1055 https://github.com/FreshRSS/FreshRSS/blob/0d463b67bdade2e896b7fa74595950eeaadd55fe/app/Controllers/feedController.php#L374-L376
author: Inverle <inverle@proton.me> 2025-09-29 23:52:19 +0200
committer: GitHub <noreply@github.com> 2025-09-29 23:52:19 +0200
commit: 11e6e0394c9e617a56ac29afc7a341f19ac6662d (patch)
tree: eb3b42319575afa84254e392f576e10e0cd6ab76 /app/views
parent: 0d463b67bdade2e896b7fa74595950eeaadd55fe (diff)
1 files changed, 2 insertions, 2 deletions
diff --git a/app/views/helpers/feed/update.phtml b/app/views/helpers/feed/update.phtml
index 7c38487f5..f6419e301 100644
--- a/app/views/helpers/feed/update.phtml
+++ b/app/views/helpers/feed/update.phtml
@@ -870,9 +870,9 @@
 	<h2><?= _t('sub.feed.maintenance.title') ?></h2>
 	<div class="form-group">
 		<div class="group-controls">
-			<a class="btn btn-important" href="<?= _url('feed', 'clearCache', 'id', $this->feed->id(), '#', 'slider') ?>">
+			<button class="btn btn-important" form="post-csrf" formaction="<?= _url('feed', 'clearCache', 'id', $this->feed->id(), '#', 'slider') ?>">
 				<?= _t('sub.feed.maintenance.clear_cache') ?>
-			</a>
+			</button>
 			<p class="help"><?= _i('help') ?> <?= _t('sub.feed.maintenance.clear_cache_help') ?></p>
 		</div>
 		<div class="group-controls">
author	Inverle <inverle@proton.me>	2025-09-29 23:52:19 +0200
committer	GitHub <noreply@github.com>	2025-09-29 23:52:19 +0200
commit	11e6e0394c9e617a56ac29afc7a341f19ac6662d (patch)
tree	eb3b42319575afa84254e392f576e10e0cd6ab76 /app/views
parent	0d463b67bdade2e896b7fa74595950eeaadd55fe (diff)