Author: lukeplant
Date: 2009-10-27 16:50:58 -0500 (Tue, 27 Oct 2009)
New Revision: 11674
Modified:
django/branches/releases/1.1.X/django/contrib/csrf/tests.py
django/branches/releases/1.1.X/django/template/defaulttags.py
django/branches/releases/1.1.X/docs/ref/templates/builtins.txt
Log:
Added a no-op {% csrf_token %} tag to 1.1.X, to ease transition of apps to 1.2
Modified: django/branches/releases/1.1.X/django/contrib/csrf/tests.py
===================================================================
--- django/branches/releases/1.1.X/django/contrib/csrf/tests.py 2009-10-27
21:31:20 UTC (rev 11673)
+++ django/branches/releases/1.1.X/django/contrib/csrf/tests.py 2009-10-27
21:50:58 UTC (rev 11674)
@@ -4,6 +4,7 @@
from django.http import HttpRequest, HttpResponse, HttpResponseForbidden
from django.contrib.csrf.middleware import CsrfMiddleware, _make_token,
csrf_exempt
from django.conf import settings
+from django.template import Template
def post_form_response():
@@ -142,3 +143,9 @@
req.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest'
req2 = CsrfMiddleware().process_view(req, self.get_view(), (), {})
self.assertEquals(None, req2)
+
+ def test_template_tag_noop(self):
+ """
+ Check that the {% csrf_token %} works in 1.1.2 and later
+ """
+ self.assertEquals(u"", Template("{% csrf_token %}").render({}))
Modified: django/branches/releases/1.1.X/django/template/defaulttags.py
===================================================================
--- django/branches/releases/1.1.X/django/template/defaulttags.py
2009-10-27 21:31:20 UTC (rev 11673)
+++ django/branches/releases/1.1.X/django/template/defaulttags.py
2009-10-27 21:50:58 UTC (rev 11674)
@@ -37,6 +37,11 @@
def render(self, context):
return ''
+class CsrfTokenNode(Node):
+ # This no-op tag exists to allow 1.1.X code to be compatible with Django
1.2
+ def render(self, context):
+ return u''
+
class CycleNode(Node):
def __init__(self, cyclevars, variable_name=None):
self.cycle_iter = itertools_cycle(cyclevars)
@@ -523,6 +528,11 @@
return node
cycle = register.tag(cycle)
+def csrf_token(parser, token):
+ # This no-op tag exists to allow 1.1.X code to be compatible with Django
1.2
+ return CsrfTokenNode()
+register.tag(csrf_token)
+
def debug(parser, token):
"""
Outputs a whole load of debugging information, including the current
Modified: django/branches/releases/1.1.X/docs/ref/templates/builtins.txt
===================================================================
--- django/branches/releases/1.1.X/docs/ref/templates/builtins.txt
2009-10-27 21:31:20 UTC (rev 11673)
+++ django/branches/releases/1.1.X/docs/ref/templates/builtins.txt
2009-10-27 21:50:58 UTC (rev 11674)
@@ -53,6 +53,15 @@
.. templatetag:: cycle
+csrf_token
+~~~~~~~~~~
+
+.. versionadded:: 1.1.2
+
+In the Django 1.1.X series, this is a no-op tag that returns an empty string.
+It exists to ease the transition to Django 1.2, in which it is used for CSRF
+protection.
+
cycle
~~~~~
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
