hideki nara committed 2d0c081

DIRTY FIX for CSRF of DoCoMo makes the Django CSRF meaningless....

Comments (0)

Files changed (1)


 from django.http import HttpResponseRedirect, HttpResponseForbidden
 from bpmobile import utils
+from django.conf import global_settings #HDKNR
 class BPMobileMiddleware(object):
     def process_request(self, request):
                 session_key = m.groupdict()['skey']   
                 request.path_info = m.groupdict()['url']    # rewrite
                 request.path = re.sub(r'^(.+);\((.+)\)','\g<1>',request.path) #rewrite
+                #: DIRTY FIX for CSRF of DoCoMo makes Django CSRF meaningless.... 
+                request.COOKIES[global_settings.CSRF_COOKIE_NAME ] = request.POST.get('csrfmiddlewaretoken','')
             #: otherwise work in the original bpmobile way
             elif request.method == 'GET' and not request.GET.has_key('guid'):
                 # guid=onを付与したURLにリダイレクト