matched_route has been around since at least 1.0. It's only "not None" if
using url dispatch. Also, it's a failed attempt at a fix anyway, because now
I remember that it isn't populated until after the NewRequest subscriber has
been called. Perhaps you should place your CSRF checks on a ContextFoun
I'm not sure I follow this exactly, but could you create a template fragment
(a %def in Mako) that contains the form and then call it with the
differentiating args? Something like this:
<%def name="make_form(action, submit_value)">
--
You received this message beca
can't you do it with AJAX?
On Sep 29, 6:33 pm, neurino wrote:
> Quickly my need:
>
> each user has a *profile* view (`/profile`) with its _items_ listed in
> it.
>
> The list is no more than a POST form with a checkboxes list and
> several submit buttons:
>
> - Create new
> - Delete selected it
Quickly my need:
each user has a *profile* view (`/profile`) with its _items_ listed in
it.
The list is no more than a POST form with a checkboxes list and
several submit buttons:
- Create new
- Delete selected items
- Compare selected items
While I can:
- Redirect user to *new* view (`/ne
I have some very long-running processes in my controller, wherein when
the method in the controller finishes, a new page is rendered to the
client.
However, often because of the length of time my controller runs for,
things (seem to) time out, the page seen on teh client changes to:
"Temporarily
On Sep 26, 1:58 pm, Michael Merickel wrote:
> Likely you will need to add some code to the "csrf_validation" function to
> exclude the RPC URL. For example:
>
> def csrf_validation(event):
> """ CSRF token exposed to templates
> """
> request = event.request
> if request.matched_ro
