projects / mediagoblin.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 968dd9e) | patch
Bug #685: only provide CSRF token if it exists
authorElrond <elrond+mediagoblin.org@samba-tng.org>
Sat, 3 Dec 2011 20:20:11 +0000 (21:20 +0100)
committerElrond <elrond+mediagoblin.org@samba-tng.org>
Sat, 3 Dec 2011 20:25:55 +0000 (21:25 +0100)
commit71c6c432a5fe8fe0f96dac284562a8e1b981d669
tree72fefb5d171bfe0211371027ffc94e175b907162tree | snapshot (zip tar.gz)
parent968dd9e735eeeee9da0d1c10735e9bba2817e7c0commit | diff
Bug #685: only provide CSRF token if it exists

This was suggested by Nathan Yergler in the bug logs.
Just implementing it.

- Let render_csrf_form_token return None, if the CSRF_TOKEN
  is not available in the environ, because the
  process_request part of the meddleware has not yet run.

- In render_template: If the returned value from above is
  None, then do not add the csrf_token to the templates
  context.
mediagoblin/meddleware/csrf.py diff | blob | blame | history
mediagoblin/tools/template.py diff | blob | blame | history
Unnamed repository; edit this file 'description' to name the repository.