From 4803410721db629a35390eb415e8c3fe86314f30 Mon Sep 17 00:00:00 2001
From: Jannis Leidel <jannis@leidel.info>
Date: Mon, 13 Dec 2010 13:57:54 +0000
Subject: [PATCH] [1.2.X] Fixed #14446 -- Prevented the password reset
 confirmation view to be cached. Thanks, Paul and Gabriel.

Backport from trunk (r14890).

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.2.X@14909 bcc190cf-cafb-0310-a4f2-bffc1f526a37
---
 django/contrib/auth/views.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/django/contrib/auth/views.py b/django/contrib/auth/views.py
index 6f75873fe0..75468b9e68 100644
--- a/django/contrib/auth/views.py
+++ b/django/contrib/auth/views.py
@@ -129,7 +129,7 @@ def password_reset(request, is_admin_site=False, template_name='registration/pas
 def password_reset_done(request, template_name='registration/password_reset_done.html'):
     return render_to_response(template_name, context_instance=RequestContext(request))
 
-# Doesn't need csrf_protect since no-one can guess the URL
+@never_cache
 def password_reset_confirm(request, uidb36=None, token=None, template_name='registration/password_reset_confirm.html',
                            token_generator=default_token_generator, set_password_form=SetPasswordForm,
                            post_reset_redirect=None):