Quick Links

Re: [PATCH] Fix CSRF verification in /admin/mergeorg/ and /admin/purge/

From:	Marti Raudsepp <marti(at)juffo(dot)org>
To:	Magnus Hagander <magnus(at)hagander(dot)net>, pgsql-www <pgsql-www(at)postgresql(dot)org>
Subject:	Re: [PATCH] Fix CSRF verification in /admin/mergeorg/ and /admin/purge/
Date:	2012-11-07 20:36:32
Message-ID:	CABRT9RCetBTP+SbD2M8PsKE5ejYaVYdXtphBPuceUvF0t2Hp5A@mail.gmail.com
Views:	Raw Message \| Whole Thread \| Download mbox \| Resend email
Thread:
Lists:	pgsql-www

On Wed, Nov 7, 2012 at 10:28 PM, Marti Raudsepp <marti(at)juffo(dot)org> wrote:
> It's clear now why CSRF didn't work on these pages: the csrf_token
> templatetag requires rendering the template with a RequestContext.

And apologies for breaking the site, this is certainly an omission on
my part in the original patch.

Regards,
Marti

In response to

[PATCH] Fix CSRF verification in /admin/mergeorg/ and /admin/purge/ at 2012-11-07 20:28:23 from Marti Raudsepp

Browse pgsql-www by date

	From	Date	Subject
Next Message	Marti Raudsepp	2012-11-07 21:30:22	[PATCH] Fix CSRF verification on /api/varnish/purge & misc
Previous Message	Marti Raudsepp	2012-11-07 20:28:23	[PATCH] Fix CSRF verification in /admin/mergeorg/ and /admin/purge/