diff options
| author | Luke Plant <L.Plant.98@cantab.net> | 2009-10-27 21:50:58 +0000 |
|---|---|---|
| committer | Luke Plant <L.Plant.98@cantab.net> | 2009-10-27 21:50:58 +0000 |
| commit | ebe540528269edde89365cf9330f98ebcad29fea (patch) | |
| tree | 0c6f38b2e4c17d6b41ad22a13d2ec323ea3c2aaa | |
| parent | 1ab0b23df6bfe91c214ccae740287af3151d5a95 (diff) | |
Added a no-op {% csrf_token %} tag to 1.1.X, to ease transition of apps to 1.2
git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.1.X@11674 bcc190cf-cafb-0310-a4f2-bffc1f526a37
| -rw-r--r-- | django/contrib/csrf/tests.py | 7 | ||||
| -rw-r--r-- | django/template/defaulttags.py | 10 | ||||
| -rw-r--r-- | docs/ref/templates/builtins.txt | 9 |
3 files changed, 26 insertions, 0 deletions
diff --git a/django/contrib/csrf/tests.py b/django/contrib/csrf/tests.py index 3c533a01e6..f9b958149d 100644 --- a/django/contrib/csrf/tests.py +++ b/django/contrib/csrf/tests.py @@ -4,6 +4,7 @@ from django.test import TestCase from django.http import HttpRequest, HttpResponse, HttpResponseForbidden from django.contrib.csrf.middleware import CsrfMiddleware, _make_token, csrf_exempt from django.conf import settings +from django.template import Template def post_form_response(): @@ -142,3 +143,9 @@ class CsrfMiddlewareTest(TestCase): req.META['HTTP_X_REQUESTED_WITH'] = 'XMLHttpRequest' req2 = CsrfMiddleware().process_view(req, self.get_view(), (), {}) self.assertEquals(None, req2) + + def test_template_tag_noop(self): + """ + Check that the {% csrf_token %} works in 1.1.2 and later + """ + self.assertEquals(u"", Template("{% csrf_token %}").render({})) diff --git a/django/template/defaulttags.py b/django/template/defaulttags.py index de746997ab..300e249e35 100644 --- a/django/template/defaulttags.py +++ b/django/template/defaulttags.py @@ -37,6 +37,11 @@ class CommentNode(Node): def render(self, context): return '' +class CsrfTokenNode(Node): + # This no-op tag exists to allow 1.1.X code to be compatible with Django 1.2 + def render(self, context): + return u'' + class CycleNode(Node): def __init__(self, cyclevars, variable_name=None): self.cycle_iter = itertools_cycle(cyclevars) @@ -523,6 +528,11 @@ def cycle(parser, token): return node cycle = register.tag(cycle) +def csrf_token(parser, token): + # This no-op tag exists to allow 1.1.X code to be compatible with Django 1.2 + return CsrfTokenNode() +register.tag(csrf_token) + def debug(parser, token): """ Outputs a whole load of debugging information, including the current diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt index a2f8b9f8b3..d98e5055ed 100644 --- a/docs/ref/templates/builtins.txt +++ b/docs/ref/templates/builtins.txt @@ -53,6 +53,15 @@ Ignore everything between ``{% comment %}`` and ``{% endcomment %}`` .. templatetag:: cycle +csrf_token +~~~~~~~~~~ + +.. versionadded:: 1.1.2 + +In the Django 1.1.X series, this is a no-op tag that returns an empty string. +It exists to ease the transition to Django 1.2, in which it is used for CSRF +protection. + cycle ~~~~~ |
