Django-1.2 compatability -- CSRF

Issue #1161 resolved
Daniel Morgan created an issue

Now that Django-1.2 is the official release, and given the security enhancements associated with its CSRF protection, it makes sense to make Satchmo capable of running thereon.

HTML template (and possibly inline?) forms (method="post") need to be updated, as well as adding csrf middleware to settings.py

Comments (7)

  1. Tay Ray Chuan

    We should have a separate fork for satchmo aimed at Django 1.2 -- on top of 1.2-only stuff, fixes/features from the vanilla Satchmo gets merged in periodically.

  2. Chris Moffitt repo owner

    I'm ok if we go ahead and start the merging of 1.2 changes into tip. Until we start moving in the CSRF (and maybe others) we won't get much feedback.

  3. Chris Moffitt repo owner

    I downloaded the 1.2 fork and everything seems to work pretty well. I didn't test all the payment modules but I didn't find any errors yet.

    I'll keep looking at it but wanted to followup and let folks know it looks good so far.

  4. Log in to comment