Opened 18 years ago

Closed 18 years ago

#3157 closed defect (fixed)

[patch] error messge in csrf protection is not valid XHTML

Reported by: mir@… Owned by: Adrian Holovaty
Component: Contrib apps Version:
Severity: normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: no UI/UX: no

Description

The error message that contrib.csrf outputs when it detects manipulation is not valid XHTML. If you use application/xhtml+xml as content type, this will result in rendering an xhtml syntax error message with a xhtml capable browser like firefox 1.5+.

Attachments (1)

csrf_xhtml.diff (606 bytes ) - added by mir@… 18 years ago.
patch

Download all attachments as: .zip

Change History (2)

by mir@…, 18 years ago

Attachment: csrf_xhtml.diff added

patch

comment:1 by Adrian Holovaty, 18 years ago

Resolution: fixed
Status: newclosed

(In [4225]) Fixed #3157 -- Made error message XHTML-friendly in CSRF middleware. Thanks, mir@…

Note: See TracTickets for help on using tickets.
Back to Top