csrf_view_exempt stopped CSRF response post-processing working on 1.2
|Reported by:||edevil||Owned by:||lukeplant|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
I tried to upgrade from 1.1 to 1.2 but "csrf_view_exempt" stopped working and no mention of this is made in the documentation.
I have "django.contrib.csrf.middleware.CsrfMiddleware" in my middleware and have a view with the "csrf_view_exempt" decorator. I don't want the request to be checked for the CSRF token but I want the response to be processed and the token added if a form is found.
It seems that the Response CSRF Middleware no longer works if the CSRF View middleware didn't run before, since it checks for the CSRF cookie and there isn't one yet...
Change History (6)
comment:1 Changed 4 years ago by darkrho
- Needs documentation unset
- Needs tests unset
- Patch needs improvement unset
comment:2 Changed 4 years ago by lukeplant
- Owner changed from nobody to lukeplant
- Status changed from new to assigned
Changed 4 years ago by lukeplant
comment:3 Changed 4 years ago by lukeplant
- Summary changed from csrf_view_exempt stopped working on 1.2 to csrf_view_exempt stopped CSRF response post-processing working on 1.2