Ticket #28488: t28488.diff

File t28488.diff, 1.2 KB (added by Florian Apolloner, 3 years ago)
  • django/middleware/csrf.py

    diff --git a/django/middleware/csrf.py b/django/middleware/csrf.py
    index d7359e4912..7f7d2709da 100644
    a b class CsrfViewMiddleware(MiddlewareMixin): 
    201201            # Set the Vary header since content varies with the CSRF cookie.
    202202            patch_vary_headers(response, ('Cookie',))
    203203
    204     def process_view(self, request, callback, callback_args, callback_kwargs):
    205         if getattr(request, 'csrf_processing_done', False):
    206             return None
    207 
     204    def process_request(self, request, *args, **kwargs):
    208205        csrf_token = self._get_token(request)
    209206        if csrf_token is not None:
    210207            # Use same token next time.
    211208            request.META['CSRF_COOKIE'] = csrf_token
    212209
     210    def process_view(self, request, callback, callback_args, callback_kwargs):
     211        if getattr(request, 'csrf_processing_done', False):
     212            return None
     213
     214        csrf_token = request.META.get('CSRF_COOKIE')
     215
    213216        # Wait until request.META["CSRF_COOKIE"] has been manipulated before
    214217        # bailing out, so that get_token still works
    215218        if getattr(callback, 'csrf_exempt', False):
Back to Top