Permalink
Browse files

Fixed #12933 - AdminSite.admin_view disables @csrf_view_exempt

Thanks to philomat for report and patch.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12619 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
1 parent 9f592ec commit d7abb33e70cf91c983b997cbeafbea2cd0371762 @spookylukey spookylukey committed Feb 27, 2010
Showing with 2 additions and 1 deletion.
  1. +2 −1 django/contrib/admin/sites.py
@@ -196,7 +196,8 @@ def inner(request, *args, **kwargs):
inner = never_cache(inner)
# We add csrf_protect here so this function can be used as a utility
# function for any view, without having to repeat 'csrf_protect'.
- inner = csrf_protect(inner)
+ if not getattr(view, 'csrf_exempt', False):
+ inner = csrf_protect(inner)
return update_wrapper(inner, view)
def get_urls(self):

0 comments on commit d7abb33

Please sign in to comment.