diff options
| author | Grzegorz Slusarek <grzegorz.slusarek@10clouds.com> | 2014-11-15 13:54:53 +0100 |
|---|---|---|
| committer | Grzegorz Slusarek <grzegorz.slusarek@10clouds.com> | 2014-11-15 14:07:31 +0100 |
| commit | b4bb5cd0a31c6e9ebc2be9dff245f506940f9159 (patch) | |
| tree | 84d67aa344dafb3f75a734539ca17ed4b0ef4c92 | |
| parent | 4f90c99635149fae2f488c03f0b52303fe97e0aa (diff) | |
Fixed #23585 - Corrected internal comment.
Removed misleading comment and provide correct one, explaining
idea behind hardcoded CSRF template context processor.
| -rw-r--r-- | django/template/context.py | 4 |
1 files changed, 1 insertions, 3 deletions
diff --git a/django/template/context.py b/django/template/context.py index 76af916cb7..fa721a9f5f 100644 --- a/django/template/context.py +++ b/django/template/context.py @@ -3,9 +3,7 @@ from django.utils.module_loading import import_string # Cache of actual callables. _standard_context_processors = None -# We need the CSRF processor no matter what the user has in their settings, -# because otherwise it is a security vulnerability, and we can't afford to leave -# this to human error or failure to read migration instructions. +# Hard-coded processor for easier use of CSRF protection. _builtin_context_processors = ('django.core.context_processors.csrf',) |
