Separate CSRF checks to function
|Reported by:||vzima||Owned by:||nobody|
|Has patch:||no||Needs documentation:||no|
|Needs tests:||no||Patch needs improvement:||no|
I have troubles with enabling CSRF check in some of my views because there is no function that would return True/False or raised an exception.
My situation is like this:
I have 2 views, one that is protected by CSRF and other one is not. Both views calls same rendering function which renders a form that leads to protected view.
Problem is when first request ends at unprotected view, I have no CSRF_COOKIE in request.META and csrf_token template tag did not rendered one, so rendering returns a form that will always return CSRF reject page.
Change History (8)
comment:1 Changed 6 years ago by anonymous
- Needs documentation unset
- Needs tests unset
- Patch needs improvement unset
- Resolution set to invalid
- Status changed from new to closed
comment:2 Changed 6 years ago by lukeplant
- Resolution invalid deleted
- Status changed from closed to reopened
comment:3 Changed 6 years ago by lukeplant
- Component changed from Core framework to Documentation
- Triage Stage changed from Unreviewed to Accepted
comment:7 Changed 5 years ago by lukeplant
- Resolution set to fixed
- Status changed from reopened to closed