Luke Plant 43c2ed0eb3 Fixed #12095 - login and other contrib views failing if template rendered using inclusion tag. ...

The {% csrf_token %} tag is unable to get its value if a template is
rendered using an inclusion_tag, since that creates a brand new Context,
rather than using the existing one.  Since this is a common pattern, and we
need CSRF protection to be as simple and easy as possible, we special case
the csrf_token and copy it from the parent context to the new context.

A more elegant and general solution may appear in future, but this is good
enough for now.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@11672 bcc190cf-cafb-0310-a4f2-bffc1f526a37

2009-10-27 21:27:09 +00:00

..

loaders

Fixed #10053: the most exciting commit you'll ever see.

2009-04-02 01:55:49 +00:00

__init__.py

Fixed #12095 - login and other contrib views failing if template rendered using inclusion tag.

2009-10-27 21:27:09 +00:00

context.py

Moved contrib.csrf.* to core code.

2009-10-27 00:36:34 +00:00

debug.py

Fixed #5884 -- Added better display error handling for template variables.

2008-03-17 14:21:09 +00:00

defaultfilters.py

Fixed #11993: fixed the the floatformat filter on NaN values in Python 2.6.3. Thanks, kklimonda.

2009-10-12 16:53:23 +00:00

defaulttags.py

Fixed #9977 - CsrfMiddleware gets template tag added, session dependency removed, and turned on by default.

2009-10-26 23:23:07 +00:00

loader_tags.py

Fixed #10094 -- Fixed the include and extends template tags to work with filenames with spaces, patch from mcroydon.

2009-03-30 20:30:28 +00:00

loader.py

Fixed #8193: all dynamic imports in Django are now done correctly. I know this because Brett Cannon borrowed the time machine and brought Python 2.7's 'importlib back for inclusion in Django. Thanks for the patch-from-the-future, Brett!

2009-03-18 16:55:59 +00:00