Fixed #14565 - No csrf_token on 404 pages

Thanks to gvangool for report and patch. git-svn-id: http://code.djangoproject.com/svn/django/trunk@14356 bcc190cf-cafb-0310-a4f2-bffc1f526a37
django · Oct 26, 2010 · 851f42b · 851f42b
1 parent 298f3d3
commit 851f42b
Showing 1 changed file with 3 additions and 0 deletions.
diff --git a/django/views/defaults.py b/django/views/defaults.py
@@ -1,6 +1,8 @@
 from django import http
 from django.template import Context, RequestContext, loader
+from django.views.decorators.csrf import csrf_protect
 
+@csrf_protect
 def page_not_found(request, template_name='404.html'):
     """
     Default 404 handler.
@@ -13,6 +15,7 @@ def page_not_found(request, template_name='404.html'):
     t = loader.get_template(template_name) # You need to create a 404.html template.
     return http.HttpResponseNotFound(t.render(RequestContext(request, {'request_path': request.path})))
 
+@csrf_protect
 def server_error(request, template_name='500.html'):
     """
     500 error handler.