#19436: ensure_csrf_cookie decorator issues a "CSRF token missing or incorrect" warning. -------------------------------+-------------------------------------- Reporter: wrr@… | Owner: nobody Type: Bug | Status: closed Component: Uncategorized | Version: 1.4 Severity: Normal | Resolution: invalid Keywords: csrf | Triage Stage: Unreviewed Has patch: 0 | Needs documentation: 0 Needs tests: 0 | Patch needs improvement: 0 Easy pickings: 0 | UI/UX: 0 -------------------------------+-------------------------------------- Changes (by aaugustin):
* status: new => closed * needs_docs: => 0 * resolution: => invalid * needs_tests: => 0 * needs_better_patch: => 0 Comment: This string exists only once in the entire codebase, in `django/middleware/csrf.py`: {{{ REASON_BAD_TOKEN = "CSRF token missing or incorrect." }}} `REASON_BAD_TOKEN` is used only once, in `CsrfViewMiddleware.process_view`. I'm not sure how you determined that "the application does not use `CsrfViewMiddleware`"; as far as I can tell, it does. -- Ticket URL: <https://code.djangoproject.com/ticket/19436#comment:1> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com. To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.