From bad2825fab9f45f468414ed551bad9d987923600 Mon Sep 17 00:00:00 2001
From: Dan McGee
Date: Sat, 5 Jun 2010 12:58:31 -0500
Subject: Updates for CSRF protection in Django 1.2.X
Signed-off-by: Dan McGee
---
packages/views.py | 2 +-
settings.py | 1 +
templates/devel/index.html | 2 +-
templates/devel/profile.html | 2 +-
templates/general_form.html | 2 +-
templates/mirrors/index.html | 2 +-
templates/news/add.html | 2 +-
templates/news/delete.html | 2 +-
templates/packages/details.html | 2 +-
templates/packages/flag.html | 2 +-
templates/packages/search.html | 2 +-
templates/registration/login.html | 2 +-
templates/todolists/todolist_confirm_delete.html | 2 +-
13 files changed, 13 insertions(+), 12 deletions(-)
diff --git a/packages/views.py b/packages/views.py
index 6838de0..9053906 100644
--- a/packages/views.py
+++ b/packages/views.py
@@ -316,7 +316,7 @@ def flag(request, name='', repo='', arch=''):
context['form'] = form
- return render_to_response('packages/flag.html', context)
+ return render_to_response('packages/flag.html', RequestContext(request, context))
def download(request, name='', repo='', arch=''):
pkg = get_object_or_404(Package,
diff --git a/settings.py b/settings.py
index 30f594e..6c9a118 100644
--- a/settings.py
+++ b/settings.py
@@ -46,6 +46,7 @@ TEMPLATE_LOADERS = (
MIDDLEWARE_CLASSES = (
'main.middleware.UpdateCacheMiddleware',
"django.contrib.sessions.middleware.SessionMiddleware",
+ 'django.middleware.csrf.CsrfViewMiddleware',
"django.contrib.auth.middleware.AuthenticationMiddleware",
'django.middleware.http.ConditionalGetMiddleware',
"django.middleware.common.CommonMiddleware",
diff --git a/templates/devel/index.html b/templates/devel/index.html
index 662e824..25429ec 100644
--- a/templates/devel/index.html
+++ b/templates/devel/index.html
@@ -60,7 +60,7 @@
-
diff --git a/templates/packages/details.html b/templates/packages/details.html
index f60324e..247b634 100644
--- a/templates/packages/details.html
+++ b/templates/packages/details.html
@@ -32,7 +32,7 @@
{% if user.is_authenticated %}
-