mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-11-07 07:15:35 +00:00
Code Issues 32 Releases Wiki Activity

[1.11.x] Fixed #28488 -- Reallowed error handlers to access CSRF tokens.

Browse Source 
Regression in eef95ea96f.

Backport of c4c128d67c from master
This commit is contained in:
Florian Apolloner
2017-09-17 22:24:05 +02:00
committed by Tim Graham
parent 19ea298aaf
commit 42847327d1
5 changed files with 57 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
tests/csrf_tests/views.py
View File

@@ -1,7 +1,8 @@
from __future__ import unicode_literals
from django.http import HttpResponse
from django.template import RequestContext, Template
from django.middleware.csrf import get_token
from django.template import Context, RequestContext, Template
from django.template.context_processors import csrf
from django.views.decorators.csrf import ensure_csrf_cookie
@@ -30,3 +31,9 @@ def non_token_view_using_request_processor(request):
context = RequestContext(request, processors=[csrf])
template = Template('')
return HttpResponse(template.render(context))
def csrf_token_error_handler(request, **kwargs):
"""This error handler accesses the CSRF token."""
template = Template(get_token(request))
return HttpResponse(template.render(Context()), status=599)