Ticket #10884: csrf_re_patch.diff

File csrf_re_patch.diff, 677 bytes (added by Ryszard Szopa <ryszard.szopa@…>, 15 years ago)

patch with new csrf form regexp

  • django/contrib/csrf/middleware.py

     
    2020_ERROR_MSG = mark_safe('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><body><h1>403 Forbidden</h1><p>Cross Site Request Forgery detected. Request aborted.</p></body></html>')
    2121
    2222_POST_FORM_RE = \
    23     re.compile(r'(<form\W[^>]*\bmethod=(\'|"|)POST(\'|"|)\b[^>]*>)', re.IGNORECASE)
     23    re.compile(r'(<form\W[^>]*\bmethod\s*=\s*(\'|"|)POST(\'|"|)\b[^>]*>)', re.IGNORECASE)
    2424
    2525_HTML_TYPES = ('text/html', 'application/xhtml+xml')
    2626
Back to Top