From 6a7495051304d75865add6ff96422018984e1663 Mon Sep 17 00:00:00 2001 From: Shivang Bharadwaj Date: Thu, 29 Dec 2016 02:33:20 +0530 Subject: Fixed #27258 -- Prohibited django.Template.render() with non-dict context. Thanks Shivang Bharadwaj for the initial patch. --- django/views/csrf.py | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'django/views') diff --git a/django/views/csrf.py b/django/views/csrf.py index 493e112fbe..5e13e529fc 100644 --- a/django/views/csrf.py +++ b/django/views/csrf.py @@ -105,7 +105,7 @@ def csrf_failure(request, reason="", template_name=CSRF_FAILURE_TEMPLATE_NAME): Default view used when request fails CSRF protection """ from django.middleware.csrf import REASON_NO_REFERER, REASON_NO_CSRF_COOKIE - c = Context({ + c = { 'title': _("Forbidden"), 'main': _("CSRF verification failed. Request aborted."), 'reason': reason, @@ -132,13 +132,14 @@ def csrf_failure(request, reason="", template_name=CSRF_FAILURE_TEMPLATE_NAME): 'DEBUG': settings.DEBUG, 'docs_version': get_docs_version(), 'more': _("More information is available with DEBUG=True."), - }) + } try: t = loader.get_template(template_name) except TemplateDoesNotExist: if template_name == CSRF_FAILURE_TEMPLATE_NAME: # If the default template doesn't exist, use the string template. t = Engine().from_string(CSRF_FAILURE_TEMPLATE) + c = Context(c) else: # Raise if a developer-specified template doesn't exist. raise -- cgit v1.3