holm/django-helpdeskmig
1
0
Fork 0
mirror of https://gitea.mueller.network/extern/django-helpdesk.git synced 2024-11-22 07:53:19 +01:00
Code Issues Packages Projects Releases Wiki Activity

Exclude API calls from CSRF middleware.

Browse Source 
Starting from django 1.2, the CSRF middleware is enabled by
default. However, API calls require parameters passing by POST
requests but they cannot be served as they can't contain a CSRF
token.

This patch removes the CSRF middleware from API requests.
This commit is contained in:
Ivan Giuliani 2012-01-15 11:38:28 +01:00
parent 533fdc8c2a
commit dc76854667
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
helpdesk/views/api.py
View File

@ -20,6 +20,7 @@ from django.http import HttpResponse
from django.shortcuts import render_to_response
from django.template import loader, Context
from django.utils import simplejson
from django.views.decorators.csrf import csrf_exempt
from helpdesk.forms import TicketForm
from helpdesk.lib import send_templated_mail, safe_template_context
@ -33,6 +34,7 @@ STATUS_ERROR_PERMISSIONS = 403
STATUS_ERROR_BADMETHOD = 405
@csrf_exempt
def api(request, method):
"""
Regardless of any other paramaters, we provide a help screen