Permalink
Browse files

Fixed #18484 -- Removed the div around the csrf token input

  • Loading branch information...
1 parent 22742e4 commit fa2e28ccc45d383ad9b1398565a9d106a80fd1db @claudep claudep committed Oct 13, 2012
Showing with 1 addition and 1 deletion.
  1. +1 −1 django/template/defaulttags.py
@@ -48,7 +48,7 @@ def render(self, context):
if csrf_token == 'NOTPROVIDED':
return format_html("")
else:
- return format_html("<div><input type='hidden' name='csrfmiddlewaretoken' value='{0}' /></div>", csrf_token)
+ return format_html("<input type='hidden' name='csrfmiddlewaretoken' value='{0}' />", csrf_token)
else:
# It's very probable that the token is missing because of
# misconfiguration, so we raise a warning

6 comments on commit fa2e28c

@charettes
Member

Maybe we should add a release note about this?

@mlavin
mlavin commented on fa2e28c Oct 13, 2012

I would agree this needs a release note. This is not a backwards compatible change in terms of HTML validation. There was a longer discussion on a previous pull request #242.

@claudep
Member

What about this note:
"The csrf_token template tag is no more enclosed in a div. If you need HTML
validation against pre-HTML5 Strict DTDs, you should add a div around it in your pages."

@charettes
Member

Looks good to me.

@mlavin
mlavin commented on fa2e28c Oct 13, 2012

I would probably say 'no longer' rather than 'no more' but either way this would be a good addition to the release notes.

@claudep
Member

Committed in e6f45aa. Thanks Mark for the grammatical tip. I'm at war with no more/no longer :-)

Please sign in to comment.