Skip to content

Commit e2d4898

Browse files
committed
ensure csrf cookie for public and personalised views
1 parent 7c356c1 commit e2d4898

File tree

3 files changed

+6
-1
lines changed

3 files changed

+6
-1
lines changed

django_email_learning/personalised/views.py

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,3 +1,5 @@
1+
from django.utils.decorators import method_decorator
2+
from django.views.decorators.csrf import ensure_csrf_cookie
13
from django.views import View
24
from django.views.generic.base import TemplateResponseMixin
35
from django.http import HttpResponse
@@ -20,6 +22,7 @@
2022
import io
2123

2224

25+
@method_decorator(ensure_csrf_cookie, name="dispatch")
2326
class BaseTemplateView(View, TemplateResponseMixin):
2427
def error_response(
2528
self,

django_email_learning/public/views.py

Lines changed: 3 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -1,4 +1,6 @@
11
from django.views.generic import TemplateView
2+
from django.utils.decorators import method_decorator
3+
from django.views.decorators.csrf import ensure_csrf_cookie
24
from django.db.models import Prefetch
35
from django_email_learning.models import Organization, Course
46
from django.utils.translation import get_language_info, get_language
@@ -12,6 +14,7 @@
1214
)
1315

1416

17+
@method_decorator(ensure_csrf_cookie, name="dispatch")
1518
class OrganizationView(TemplateView):
1619
template_name = "public/organization.html"
1720

Lines changed: 0 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1,6 +1,5 @@
11
{% extends "public/base.html" %}
22
{% load django_vite %}
3-
{% csrf_token %}
43
{% block head_script %}
54
{% vite_asset 'public/organization/Organization.jsx' %}
65
{% endblock %}

0 commit comments

Comments
 (0)