mirrors/django
1
0
Fork 0
mirror of https://github.com/django/django.git synced 2025-10-31 09:41:08 +00:00
Code Issues 32 Releases Wiki Activity

Fixed #28699 -- Fixed CSRF validation with remote user middleware.

Browse Source 
Ensured process_view() always accesses the CSRF token from the session
or cookie, rather than the request, as rotate_token() may have been called
by an authentication middleware during the process_request() phase.
This commit is contained in:
Colton Hicks
2020-01-31 23:42:24 -08:00
committed by Carlton Gibson
parent bc1c034076
commit f283ffaa84
3 changed files with 36 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
AUTHORS
View File

@@ -201,6 +201,7 @@ answer newbie questions, and generally made Django that much better:
Colin Wood <cwood06@gmail.com>
Collin Anderson <cmawebsite@gmail.com>
Collin Grady <collin@collingrady.com>
Colton Hicks <coltonbhicks@gmail.com>
Craig Blaszczyk <masterjakul@gmail.com>
crankycoder@gmail.com
Curtis Maloney (FunkyBob) <curtis@tinbrain.net>