From ad3f1233df672688c09ab923d8bb216a351db8cb Mon Sep 17 00:00:00 2001
From: Nathan Yergler <nathan@yergler.net>
Date: Sun, 13 Nov 2011 11:59:24 -0800
Subject: [PATCH] Issue 653: Handle the case where request.vary is None

---
 mediagoblin/middleware/csrf.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/mediagoblin/middleware/csrf.py b/mediagoblin/middleware/csrf.py
index 6c977f21..d0601af8 100644
--- a/mediagoblin/middleware/csrf.py
+++ b/mediagoblin/middleware/csrf.py
@@ -98,7 +98,7 @@ class CsrfMiddleware(object):
             httponly=True)
 
         # update the Vary header
-        response.vary = getattr(response, 'vary', []) + ['Cookie']
+        response.vary = (getattr(response, 'vary') or []) + ['Cookie']
 
     def _make_token(self, request):
         """Generate a new token to use for CSRF protection."""
-- 
2.25.1