From 202d951c3da1ace184c346271a560e9d3191d98e Mon Sep 17 00:00:00 2001
From: Rodney Ewing <ewing.rj@gmail.com>
Date: Wed, 7 Aug 2013 17:13:38 -0700
Subject: [PATCH] Render 404 if not ajax request

---
 mediagoblin/user_pages/views.py | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/mediagoblin/user_pages/views.py b/mediagoblin/user_pages/views.py
index 2e613697..91ea04b8 100644
--- a/mediagoblin/user_pages/views.py
+++ b/mediagoblin/user_pages/views.py
@@ -199,6 +199,10 @@ def media_post_comment(request, media):
 
 def media_preview_comment(request):
     """Runs a comment through markdown so it can be previewed."""
+    # If this isn't an ajax request, render_404
+    if not request.is_xhr:
+        return render_404(request)
+
     comment = unicode(request.form['comment_content'])
     cleancomment = { "content":cleaned_markdown_conversion(comment)}
 
-- 
2.25.1