1. angri
  2. brainstill

Commits

angri  committed f83a445

защищаем brainstill.views.idea_new от csrf (хотя полезней было бы idea_rank...)

  • Participants
  • Parent commits 245dead
  • Branches default

Comments (0)

Files changed (1)

File brainstill/views.py

View file
  • Ignore whitespace
 # coding: utf-8
 from django.contrib.auth.decorators import login_required
+from django.views.decorators.csrf import csrf_protect
 from django.shortcuts import render_to_response, get_object_or_404
 from django.template import RequestContext
 from django.http import HttpResponseRedirect, HttpResponseBadRequest
                               context_instance=context)
 
 @login_required
+@csrf_protect
 def idea_new(request, project_slug, template_name):
     project = get_object_or_404(Project.objects.public(), slug=project_slug)
     if request.method != 'POST':