Ticket #12130: 12130_r11706.diff

File 12130_r11706.diff, 2.7 KB (added by Carl Meyer, 15 years ago)

make get_token() create new token if needed

  • django/core/context_processors.py

     
    4747    it has not been provided by either a view decorator or the middleware
    4848    """
    4949    def _get_val():
    50         token = get_token(request)
    51         if token is None:
    52             # In order to be able to provide debugging info in the
    53             # case of misconfiguration, we use a sentinel value
    54             # instead of returning an empty dict.
    55             return 'NOTPROVIDED'
    56         else:
    57             return token
     50        return get_token(request)
    5851    _get_val = lazy(_get_val, str)
    5952
    6053    return {'csrf_token': _get_val() }
  • django/template/defaulttags.py

     
    4141    def render(self, context):
    4242        csrf_token = context.get('csrf_token', None)
    4343        if csrf_token:
    44             if csrf_token == 'NOTPROVIDED':
    45                 return mark_safe(u"")
    46             else:
    47                 return mark_safe(u"<div style='display:none'><input type='hidden' name='csrfmiddlewaretoken' value='%s' /></div>" % (csrf_token))
     44            return mark_safe(u"<div style='display:none'><input type='hidden' name='csrfmiddlewaretoken' value='%s' /></div>" % (csrf_token))
    4845        else:
    4946            # It's very probable that the token is missing because of
    5047            # misconfiguration, so we raise a warning
  • django/middleware/csrf.py

     
    5050    function lazily, as is done by the csrf context processor.
    5151    """
    5252    request.META["CSRF_COOKIE_USED"] = True
    53     return request.META.get("CSRF_COOKIE", None)
     53    try:
     54        token = request.META["CSRF_COOKIE"]
     55    except KeyError:
     56        token = request.META["CSRF_COOKIE"] = _get_new_csrf_key()
     57    return token
    5458
    5559class CsrfViewMiddleware(object):
    5660    """
  • tests/regressiontests/csrf_tests/tests.py

     
    268268        """
    269269        req = self._get_GET_no_csrf_cookie_request()
    270270        resp = token_view(req)
    271         self.assertEquals(u"", resp.content)
     271        self._check_token_present(resp, req.META["CSRF_COOKIE"])
    272272
    273273    def test_token_node_with_csrf_cookie(self):
    274274        """
Back to Top