Context Navigation

← Previous Ticket
Next Ticket →

#23825 closed Cleanup/optimization (fixed)

Docs unclear how to use CSRF decorators with class based views.

Reported by:	Jason Weir	Owned by:	Fabio Natali
Component:	Documentation	Version:	dev
Severity:	Normal	Keywords:
Cc:	mail@…	Triage Stage:	Ready for checkin
Has patch:	yes	Needs documentation:	no
Needs tests:	no	Patch needs improvement:	no
Easy pickings:	yes	UI/UX:	no

Description

The current documentation for @csrf_exempt @requires_csrf_token for 1.7 (https://docs.djangoproject.com/en/1.7/ref/contrib/csrf/#django.views.decorators.csrf.csrf_exempt) only indicates how to use the decorator with view methods.
There is no mention of what to do with class-based views.

See 15794

Change History (8)

comment:1 by Tim Graham, 11 years ago

Summary:	CSRF documentation unclear about class based views. → Docs unclear how to use CSRF decorators with class based views.
Triage Stage:	Unreviewed → Accepted
Type:	Uncategorized → Cleanup/optimization

comment:2 by Danilo Bargen, 11 years ago

This is also the case for all the other documentation examples though (csrf_protect, cache_page, csrf_exempt, requires_csrf_token etc). Maybe we should add a section with a link to https://docs.djangoproject.com/en/dev/topics/class-based-views/intro/#decorating-the-class?

comment:3 by Fabio Natali, 11 years ago

I can see 'dev' documentation is affected as well: https://docs.djangoproject.com/en/dev/ref/csrf/.

comment:4 by Danilo Bargen, 11 years ago

Cc:	mail@… added
Version:	1.7 → master

On a second thought, it would probably be good to add a line with a link to all code examples in the docs for the people that primarly use the docs as a reference. Something like "You can also [decorate class based views](...)". Any opinions on this?

Last edited 11 years ago by Danilo Bargen (previous) (diff)

comment:5 by Fabio Natali, 11 years ago

Owner:	changed from nobody to Fabio Natali
Status:	new → assigned

comment:6 by Danilo Bargen, 11 years ago

Has patch:	set
Triage Stage:	Accepted → Ready for checkin

The pull request at https://github.com/django/django/pull/3523 looks good to me.

comment:7 by Fabio Natali, 11 years ago

Thanks dbrgn for updating the ticket with the link to the PR.

comment:8 by Tim Graham <timograham@…>, 11 years ago

Resolution:	→ fixed
Status:	assigned → closed

In fa680ce1e252666d125264b2e93782c127ebe8c8:

Fixed #23825 -- Added links for decorating class-based views to the CSRF docs.

Note: See TracTickets for help on using tickets.

Download in other formats:

Issues