Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

[1.0.X] Fixed #8963 -- Use the require_POST decorator instead of doin…

…g things manually in one of the comment views. Thanks, zgoda.

Bakcport of r9121 from trunk.


git-svn-id: http://code.djangoproject.com/svn/django/branches/releases/1.0.X@9128 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 245399becbac4e3246d09fff268f99e3b8af7839 1 parent e88b70b
Malcolm Tredinnick authored October 05, 2008

Showing 1 changed file with 3 additions and 5 deletions. Show diff stats Hide diff stats

  1. 8  django/contrib/comments/views/comments.py
8  django/contrib/comments/views/comments.py
@@ -7,6 +7,7 @@
7 7
 from django.template import RequestContext
8 8
 from django.template.loader import render_to_string
9 9
 from django.utils.html import escape
  10
+from django.views.decorators.http import require_POST
10 11
 from django.contrib import comments
11 12
 from django.contrib.comments import signals
12 13
 
@@ -28,11 +29,6 @@ def post_comment(request, next=None):
28 29
     HTTP POST is required. If ``POST['submit'] == "preview"`` or if there are
29 30
     errors a preview template, ``comments/preview.html``, will be rendered.
30 31
     """
31  
-
32  
-    # Require POST
33  
-    if request.method != 'POST':
34  
-        return http.HttpResponseNotAllowed(["POST"])
35  
-
36 32
     # Fill out some initial data fields from an authenticated user, if present
37 33
     data = request.POST.copy()
38 34
     if request.user.is_authenticated():
@@ -116,6 +112,8 @@ def post_comment(request, next=None):
116 112
 
117 113
     return next_redirect(data, next, comment_done, c=comment._get_pk_val())
118 114
 
  115
+post_comment = require_POST(post_comment)
  116
+
119 117
 comment_done = confirmation_view(
120 118
     template = "comments/posted.html",
121 119
     doc = """Display a "comment was posted" success page."""

0 notes on commit 245399b

Please sign in to comment.
Something went wrong with that request. Please try again.