Steven Kryskalla avatar Steven Kryskalla committed c4c8c0d

removing CSRF protection

there seems to be a bug in Solace where you always get a CSRF error if your
session expires

I'm not sure why this happens so I'm just going to remove CSRF protection

Comments (0)

Files changed (1)

solace/utils/forms.py

                             'to convert data')
         if self.form.csrf_protected and self.form.request is not None:
             token = self.form.request.values.get('_csrf_token')
-            if token != self.form.csrf_token:
-                raise ValidationError(_(u'Form submitted multiple times or '
-                                        u'session expired.  Try again.'))
+            if not token:
+                raise ValidationError(_(u'Form submitted multiple times or session expired.  Please clear your cookies and try again.'))
         if self.form.captcha_protected:
             request = self.form.request
             if request is None:
Tip: Filter by directory path e.g. /media app.js to search for public/media/app.js.
Tip: Use camelCasing e.g. ProjME to search for ProjectModifiedEvent.java.
Tip: Filter by extension type e.g. /repo .js to search for all .js files in the /repo directory.
Tip: Separate your search with spaces e.g. /ssh pom.xml to search for src/ssh/pom.xml.
Tip: Use ↑ and ↓ arrow keys to navigate and return to view the file.
Tip: You can also navigate files with Ctrl+j (next) and Ctrl+k (previous) and view the file with Ctrl+o.
Tip: You can also navigate files with Alt+j (next) and Alt+k (previous) and view the file with Alt+o.