]> git.ozlabs.org Git - patchwork/commit
projects / patchwork / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 482ba5a) | patch
views: implement CSRF protection
authorJeremy Kerr <jk@ozlabs.org>
Tue, 10 Aug 2010 04:11:40 +0000 (12:11 +0800)
committerJeremy Kerr <jk@ozlabs.org>
Tue, 10 Aug 2010 04:11:40 +0000 (12:11 +0800)
commit5b984a0262c42ef5ac8f05a687978235a12a6e28
treed93cf9e6202ab8ccf826c949d214e467825f7044tree | snapshot (tar.gz zip)
parent482ba5ac5e2fb71a8ae26ae9d5c5c72c33c35b23commit | diff
views: implement CSRF protection

Since we've got the csrf token present, we may as well check it for
requests.

We're using RequestContext already (via PatchworkRequestContext), so we
just need to switch it on in the settings, and add an exemption on the
xmlrpc interface.

Signed-off-by: Jeremy Kerr <jk@ozlabs.org>
apps/patchwork/views/xmlrpc.py diff | blob | history
apps/settings.py diff | blob | history
web-based patch-tracking system