Remove unnecessary csrf_exempt from urls #1160
Merged
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #1099
Description
Properly setup exemptions for CSRF, leaving them where they are needed
Why?
CSRF exemptions are needed in some cases, this pull request removes duplicate exemptions and ensures that they are present for all views which need them.
How?
Experiment which exemptions are needed for no errors to occur.
Fixes #1099
Testing
What type of test did you run?
Ensure there are no CSRF errors when opening an exercise as a student and when selecting an exercise as a teacher, on both localhost as well as minus.cs + mycourses-test
Did you test the changes in
Translation
Programming style
Have you updated the README or other relevant documentation?
Is it Done?
Clean up your git commit history before submitting the pull request!