Opened 12 years ago

Closed 12 years ago

#3157 closed defect (fixed)

[patch] error messge in csrf protection is not valid XHTML

Reported by: mir@… Owned by: Adrian Holovaty
Component: Contrib apps Version:
Severity: normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:


The error message that contrib.csrf outputs when it detects manipulation is not valid XHTML. If you use application/xhtml+xml as content type, this will result in rendering an xhtml syntax error message with a xhtml capable browser like firefox 1.5+.

Attachments (1)

csrf_xhtml.diff (606 bytes) - added by mir@… 12 years ago.

Download all attachments as: .zip

Change History (2)

Changed 12 years ago by mir@…

Attachment: csrf_xhtml.diff added


comment:1 Changed 12 years ago by Adrian Holovaty

Resolution: fixed
Status: newclosed

(In [4225]) Fixed #3157 -- Made error message XHTML-friendly in CSRF middleware. Thanks, mir@…

Note: See TracTickets for help on using tickets.
Back to Top