Colton Hicks f283ffaa84 Fixed #28699 -- Fixed CSRF validation with remote user middleware. ...

Ensured process_view() always accesses the CSRF token from the session
or cookie, rather than the request, as rotate_token() may have been called
by an authentication middleware during the process_request() phase.

2020-02-26 17:25:20 +01:00

13 KiB

Raw Blame History

View Raw