summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorFlorian Apolloner <florian@apolloner.eu>2017-09-17 22:24:05 +0200
committerTim Graham <timograham@gmail.com>2017-09-20 16:32:24 -0400
commit42847327d1277451ee7a61716f7b9f62f50ecbdc (patch)
tree07baf7b092402eb95bfa348f4267f39bc88a95f5 /docs
parent19ea298aaff3ebecb26466f469226953d451e347 (diff)
[1.11.x] Fixed #28488 -- Reallowed error handlers to access CSRF tokens.
Regression in eef95ea96faef0b7dbbe0c8092202b74f68a899b. Backport of c4c128d67c7dc2830631c6859a204c9d259f1fb1 from master
Diffstat (limited to 'docs')
-rw-r--r--docs/releases/1.11.6.txt4
1 files changed, 4 insertions, 0 deletions
diff --git a/docs/releases/1.11.6.txt b/docs/releases/1.11.6.txt
index ff9d4385fe..222a9c9125 100644
--- a/docs/releases/1.11.6.txt
+++ b/docs/releases/1.11.6.txt
@@ -14,3 +14,7 @@ Bugfixes
* Fixed crash when using the name of a model's autogenerated primary key
(``id``) in an ``Index``'s ``fields`` (:ticket:`28597`).
+
+* Fixed a regression in Django 1.9 where a custom view error handler such as
+ ``handler404`` that accesses ``csrf_token`` could cause CSRF verification
+ failures on other pages (:ticket:`28488`).