angler-fishThe Vulnerability History Project

[1.2.X] Fixed #14565 - No csrf_token on 404 page.

      This solution doesn't have the negative side-effects of [14356].

Backport of [14377] from trunk.

git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.2.X@14380 bcc190cf-cafb-0310-a4f2-bffc1f526a37
by Abigail the Gnu 2010-10-28 11:58:51 UTC
commit 36dd74446047570bd6bc1a8bdb8e2eaf3eb39a44
Django VCC CVE-2011-0696
django/middleware/csrf.py
+17 -21
django/views/decorators/csrf.py
-16
django/views/defaults.py
-8
tests/regressiontests/csrf_tests/tests.py
+1 -9
tests/regressiontests/views/tests/defaults.py
+3 -14
expand_less