Ticket #12130: 12130_r11706.diff
| File 12130_r11706.diff, 2.7 KB (added by , 15 years ago) |
|---|
-
django/core/context_processors.py
47 47 it has not been provided by either a view decorator or the middleware 48 48 """ 49 49 def _get_val(): 50 token = get_token(request) 51 if token is None: 52 # In order to be able to provide debugging info in the 53 # case of misconfiguration, we use a sentinel value 54 # instead of returning an empty dict. 55 return 'NOTPROVIDED' 56 else: 57 return token 50 return get_token(request) 58 51 _get_val = lazy(_get_val, str) 59 52 60 53 return {'csrf_token': _get_val() } -
django/template/defaulttags.py
41 41 def render(self, context): 42 42 csrf_token = context.get('csrf_token', None) 43 43 if csrf_token: 44 if csrf_token == 'NOTPROVIDED': 45 return mark_safe(u"") 46 else: 47 return mark_safe(u"<div style='display:none'><input type='hidden' name='csrfmiddlewaretoken' value='%s' /></div>" % (csrf_token)) 44 return mark_safe(u"<div style='display:none'><input type='hidden' name='csrfmiddlewaretoken' value='%s' /></div>" % (csrf_token)) 48 45 else: 49 46 # It's very probable that the token is missing because of 50 47 # misconfiguration, so we raise a warning -
django/middleware/csrf.py
50 50 function lazily, as is done by the csrf context processor. 51 51 """ 52 52 request.META["CSRF_COOKIE_USED"] = True 53 return request.META.get("CSRF_COOKIE", None) 53 try: 54 token = request.META["CSRF_COOKIE"] 55 except KeyError: 56 token = request.META["CSRF_COOKIE"] = _get_new_csrf_key() 57 return token 54 58 55 59 class CsrfViewMiddleware(object): 56 60 """ -
tests/regressiontests/csrf_tests/tests.py
268 268 """ 269 269 req = self._get_GET_no_csrf_cookie_request() 270 270 resp = token_view(req) 271 self. assertEquals(u"", resp.content)271 self._check_token_present(resp, req.META["CSRF_COOKIE"]) 272 272 273 273 def test_token_node_with_csrf_cookie(self): 274 274 """