Opened 9 years ago

Closed 9 years ago

#3157 closed defect (fixed)

[patch] error messge in csrf protection is not valid XHTML

Reported by: mir@… Owned by: adrian
Component: Contrib apps Version:
Severity: normal Keywords:
Cc: Triage Stage: Unreviewed
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: UI/UX:


The error message that contrib.csrf outputs when it detects manipulation is not valid XHTML. If you use application/xhtml+xml as content type, this will result in rendering an xhtml syntax error message with a xhtml capable browser like firefox 1.5+.

Attachments (1)

csrf_xhtml.diff (606 bytes) - added by mir@… 9 years ago.

Download all attachments as: .zip

Change History (2)

Changed 9 years ago by mir@…


comment:1 Changed 9 years ago by adrian

  • Resolution set to fixed
  • Status changed from new to closed

(In [4225]) Fixed #3157 -- Made error message XHTML-friendly in CSRF middleware. Thanks, mir@…

Note: See TracTickets for help on using tickets.
Back to Top