mirror of
https://github.com/django/django.git
synced 2025-08-04 19:08:28 +00:00
Fixed #28699 -- Fixed CSRF validation with remote user middleware.
Ensured process_view() always accesses the CSRF token from the session or cookie, rather than the request, as rotate_token() may have been called by an authentication middleware during the process_request() phase.
This commit is contained in:
Colton Hicks
Carlton Gibson
parent
bc1c034076
commit
f283ffaa84
3 changed files with 36 additions and 2 deletions
1
AUTHORS
1
AUTHORS
|
|
@ -201,6 +201,7 @@ answer newbie questions, and generally made Django that much better:
|
|||
Colin Wood <cwood06@gmail.com>
|
||||
Collin Anderson <cmawebsite@gmail.com>
|
||||
Collin Grady <collin@collingrady.com>
|
||||
Colton Hicks <coltonbhicks@gmail.com>
|
||||
Craig Blaszczyk <masterjakul@gmail.com>
|
||||
crankycoder@gmail.com
|
||||
Curtis Maloney (FunkyBob) <curtis@tinbrain.net>
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue