Author: jacob
Date: 2008-08-29 14:15:34 -0500 (Fri, 29 Aug 2008)
New Revision: 8715
Modified:
django/trunk/django/contrib/formtools/utils.py
Log:
Fixed #8653: make formtools' security hash more rubust. Silly that I didn't
think of this before; thanks to bthomas for providing the obvious fix.
Modified: django/trunk/django/contrib/formtools/utils.py
===================================================================
--- django/trunk/django/contrib/formtools/utils.py 2008-08-29 18:12:31 UTC
(rev 8714)
+++ django/trunk/django/contrib/formtools/utils.py 2008-08-29 19:15:34 UTC
(rev 8715)
@@ -15,19 +15,8 @@
order, pickles the result with the SECRET_KEY setting, then takes an
md5
hash of that.
"""
- # Ensure that the hash does not change when a BooleanField's bound
- # data is a string `False' or a boolean False.
- # Rather than re-coding this special behaviour here, we
- # create a dummy BooleanField and call its clean method to get a
- # boolean True or False verdict that is consistent with
- # BooleanField.clean()
- dummy_bool = BooleanField(required=False)
- def _cleaned_data(bf):
- if isinstance(bf.field, BooleanField):
- return dummy_bool.clean(bf.data)
- return bf.data
- data = [(bf.name, _cleaned_data(bf) or '') for bf in form]
+ data = [(bf.name, bf.field.clean(bf.data) or '') for bf in form]
data.extend(args)
data.append(settings.SECRET_KEY)
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
