Loading...

django-developers@googlegroups.com

[Prev] Thread [Next]  |  [Prev] Date [Next]

Re: Request for review for a small fix in the csrf view Paul McMillan Tue Feb 21 16:01:49 2012

> In short, the first patch add a bullet point in the CSRF error page
> which states that this
> error can be triggered by disabled cookies.

I committed this change.

> The second patch fixes the middleware itself to make the page show the
> correct error message if the
> error is caused by disabled cookies.

Your patch didn't pass the test suite, but more importantly, it ties
the CSRF protection to the session framework, which is a dependency we
have worked hard to avoid. I don't think we can commit anything like
your patch, since it actually changes the behavior pretty
significantly.

-Paul

-- 
You received this message because you are subscribed to the Google Groups 
"Django developers" group.
To post to this group, send email to [EMAIL PROTECTED]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/django-developers?hl=en.