mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-07-05 18:29:11 +00:00
Code Issues 32 Releases Wiki Activity

Added a no-op {% csrf_token %} tag to 1.1.X, to ease transition of apps to 1.2

Browse Source 
git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@11674 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Luke Plant 2009-10-27 21:50:58 +00:00
parent 1ab0b23df6
commit ebe5405282
3 changed files with 26 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
django/contrib/csrf/tests.py
View File

@ -4,6 +4,7 @@ from django.test import TestCase
from django.http import HttpRequest, HttpResponse, HttpResponseForbidden from django.http import HttpRequest, HttpResponse, HttpResponseForbidden
from django.contrib.csrf.middleware import CsrfMiddleware, _make_token, csrf_exempt from django.contrib.csrf.middleware import CsrfMiddleware, _make_token, csrf_exempt
from django.conf import settings from django.conf import settings
from django.template import Template
def post_form_response(): def post_form_response():
@ -142,3 +143,9 @@ class CsrfMiddlewareTest(TestCase):
req.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' req.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
req2 = CsrfMiddleware().process_view(req, self.get_view(), (), {}) req2 = CsrfMiddleware().process_view(req, self.get_view(), (), {})
self.assertEquals(None, req2) self.assertEquals(None, req2)
def test_template_tag_noop(self):
"""
Check that the {% csrf_token %} works in 1.1.2 and later
"""
self.assertEquals(u"", Template("{% csrf_token %}").render({}))

10
django/template/defaulttags.py
View File

@ -37,6 +37,11 @@ class CommentNode(Node):
def render(self, context): def render(self, context):
return '' return ''
class CsrfTokenNode(Node):
# This no-op tag exists to allow 1.1.X code to be compatible with Django 1.2
def render(self, context):
return u''
class CycleNode(Node): class CycleNode(Node):
def __init__(self, cyclevars, variable_name=None): def __init__(self, cyclevars, variable_name=None):
self.cycle_iter = itertools_cycle(cyclevars) self.cycle_iter = itertools_cycle(cyclevars)
@ -523,6 +528,11 @@ def cycle(parser, token):
return node return node
cycle = register.tag(cycle) cycle = register.tag(cycle)
def csrf_token(parser, token):
# This no-op tag exists to allow 1.1.X code to be compatible with Django 1.2
return CsrfTokenNode()
register.tag(csrf_token)
def debug(parser, token): def debug(parser, token):
""" """
Outputs a whole load of debugging information, including the current Outputs a whole load of debugging information, including the current

9
docs/ref/templates/builtins.txt
View File

@ -53,6 +53,15 @@ Ignore everything between ``{% comment %}`` and ``{% endcomment %}``
.. templatetag:: cycle .. templatetag:: cycle
csrf_token
~~~~~~~~~~
.. versionadded:: 1.1.2
In the Django 1.1.X series, this is a no-op tag that returns an empty string.
It exists to ease the transition to Django 1.2, in which it is used for CSRF
protection.
cycle cycle
~~~~~ ~~~~~