Skip to content
Browse files

Fixed #10884 - more lenient regexp for matching forms in CSRF post-pr…

…ocessing

Thanks to Ryszard Szopa for the report and fix


git-svn-id: http://code.djangoproject.com/svn/django/trunk@10617 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
1 parent 037ce43 commit 71233bcdf3c90098531901da4e380165ed0059d4 @spookylukey spookylukey committed
Showing with 1 addition and 1 deletion.
  1. +1 −1 django/contrib/csrf/middleware.py
View
2 django/contrib/csrf/middleware.py
@@ -20,7 +20,7 @@
_ERROR_MSG = mark_safe('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><body><h1>403 Forbidden</h1><p>Cross Site Request Forgery detected. Request aborted.</p></body></html>')
_POST_FORM_RE = \
- re.compile(r'(<form\W[^>]*\bmethod=(\'|"|)POST(\'|"|)\b[^>]*>)', re.IGNORECASE)
+ re.compile(r'(<form\W[^>]*\bmethod\s*=\s*(\'|"|)POST(\'|"|)\b[^>]*>)', re.IGNORECASE)
_HTML_TYPES = ('text/html', 'application/xhtml+xml')

0 comments on commit 71233bc

Please sign in to comment.
Something went wrong with that request. Please try again.