Separate CSRF checks to function
|Reported by:||Vlastimil Zíma||Owned by:||nobody|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
I have troubles with enabling CSRF check in some of my views because there is no function that would return True/False or raised an exception.
My situation is like this:
I have 2 views, one that is protected by CSRF and other one is not. Both views calls same rendering function which renders a form that leads to protected view.
Problem is when first request ends at unprotected view, I have no CSRF_COOKIE in request.META and csrf_token template tag did not rendered one, so rendering returns a form that will always return CSRF reject page.
Change History (8)
comment:3 Changed 6 years ago by
|Component:||Core framework → Documentation|
|Triage Stage:||Unreviewed → Accepted|