Re: Request for review for a small fix in the csrf view
> In short, the first patch add a bullet point in the CSRF error page > which states that this > error can be triggered by disabled cookies. I committed this change. > The second patch fixes the middleware itself to make the page show the > correct error message if the > error is caused by disabled cookies. Your patch didn't pass the test suite, but more importantly, it ties the CSRF protection to the session framework, which is a dependency we have worked hard to avoid. I don't think we can commit anything like your patch, since it actually changes the behavior pretty significantly. -Paul -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
Request for review for a small fix in the csrf view
I've submitted a ticket[1] with two patches as a follow-up to this discussion: http://groups.google.com/group/django-developers/browse_thread/thread/ca34924871e3c00b/b29cd0e17c010f54?lnk=gst=csrf+cookie+haineault#b29cd0e17c010f54 In short, the first patch add a bullet point in the CSRF error page which states that this error can be triggered by disabled cookies. The second patch fixes the middleware itself to make the page show the correct error message if the error is caused by disabled cookies. The error message was already in the django source code, it was just not used. Both are really small patches, but I decided to make two patch to increase the chances that at least the error message gets in for 1.4 final (it's only two lines of HTML). I did not dare to mark it as release blocker, but I do believe it should be in 1.4.. 1. https://code.djangoproject.com/ticket/17732 -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
