Author: lukeplant
Date: 2010-02-04 15:47:19 -0600 (Thu, 04 Feb 2010)
New Revision: 12381
Modified:
django/trunk/django/contrib/flatpages/views.py
Log:
Fixed #12358 - csrf_token template tag does not work with flatpages.
Thanks to phretor for the report.
Modified: django/trunk/django/contrib/flatpages/views.py
===================================================================
--- django/trunk/django/contrib/flatpages/views.py 2010-02-03 18:12:35 UTC
(rev 12380)
+++ django/trunk/django/contrib/flatpages/views.py 2010-02-04 21:47:19 UTC
(rev 12381)
@@ -5,9 +5,15 @@
from django.conf import settings
from django.core.xheaders import populate_xheaders
from django.utils.safestring import mark_safe
+from django.views.decorators.csrf import csrf_protect
DEFAULT_TEMPLATE = 'flatpages/default.html'
+# This view is called from FlatpageFallbackMiddleware.process_response
+# when a 404 is raised, which often means CsrfViewMiddleware.process_view
+# has not been called even if CsrfViewMiddleware is installed. So we need
+# to use @csrf_protect, in case the template needs {% csrf_token %}.
+...@csrf_protect
def flatpage(request, url):
"""
Flat page view.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to django-upda...@googlegroups.com.
To unsubscribe from this group, send email to
django-updates+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en.
