#9356: CSRFMiddleware should take session key from request.session
-----------------------------------+----------------------------------------
Reporter: bthomas | Owner: nobody
Status: new | Milestone: 1.1
Component: Contrib apps | Version: 1.0
Resolution: | Keywords:
Stage: Accepted | Has_patch: 1
Needs_docs: 0 | Needs_tests: 1
Needs_better_patch: 1 |
-----------------------------------+----------------------------------------
Changes (by bthomas):
* needs_better_patch: 0 => 1
* needs_tests: 0 => 1
* stage: Design decision needed => Accepted
Comment:
The reasoning behind this was discussed in more detail on #9977, and the
patch on that ticket includes the fix for this. Since #9977 is not going
to be included in 1.1 (and possibly not ever), either myself or Luke need
to make a better patch for this bug based on his improved fix in the #9977
patch.
Also needs tests.
--
Ticket URL: <http://code.djangoproject.com/ticket/9356#comment:3>
Django <http://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to django-updates@googlegroups.com
To unsubscribe from this group, send email to
django-updates+unsubscr...@googlegroups.com
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
