Author: lukeplant Date: 2010-02-04 15:47:19 -0600 (Thu, 04 Feb 2010) New Revision: 12381
Modified: django/trunk/django/contrib/flatpages/views.py Log: Fixed #12358 - csrf_token template tag does not work with flatpages. Thanks to phretor for the report. Modified: django/trunk/django/contrib/flatpages/views.py =================================================================== --- django/trunk/django/contrib/flatpages/views.py 2010-02-03 18:12:35 UTC (rev 12380) +++ django/trunk/django/contrib/flatpages/views.py 2010-02-04 21:47:19 UTC (rev 12381) @@ -5,9 +5,15 @@ from django.conf import settings from django.core.xheaders import populate_xheaders from django.utils.safestring import mark_safe +from django.views.decorators.csrf import csrf_protect DEFAULT_TEMPLATE = 'flatpages/default.html' +# This view is called from FlatpageFallbackMiddleware.process_response +# when a 404 is raised, which often means CsrfViewMiddleware.process_view +# has not been called even if CsrfViewMiddleware is installed. So we need +# to use @csrf_protect, in case the template needs {% csrf_token %}. +...@csrf_protect def flatpage(request, url): """ Flat page view. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-upda...@googlegroups.com. To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-updates?hl=en.