Skip to content

Commit

Permalink
Fixed #18484 -- Removed the div around the csrf token input
Browse files Browse the repository at this point in the history
  • Loading branch information
@claudep
claudep committed Oct 13, 2012
1 parent 22742e4 commit fa2e28c
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion django/template/defaulttags.py
View file
Expand Up @@ -48,7 +48,7 @@ def render(self, context):
if csrf_token == 'NOTPROVIDED':
return format_html("")
else:
return format_html("<div><input type='hidden' name='csrfmiddlewaretoken' value='{0}' /></div>", csrf_token)
return format_html("<input type='hidden' name='csrfmiddlewaretoken' value='{0}' />", csrf_token)
else:
# It's very probable that the token is missing because of
# misconfiguration, so we raise a warning
Expand Down

6 comments on commit fa2e28c

@charettes
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe we should add a release note about this?

@mlavin
Copy link
Contributor

@mlavin mlavin commented on fa2e28c Oct 13, 2012

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would agree this needs a release note. This is not a backwards compatible change in terms of HTML validation. There was a longer discussion on a previous pull request #242.

@claudep
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What about this note:
"The csrf_token template tag is no more enclosed in a div. If you need HTML
validation against pre-HTML5 Strict DTDs, you should add a div around it in your pages."

@charettes
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good to me.

@mlavin
Copy link
Contributor

@mlavin mlavin commented on fa2e28c Oct 13, 2012

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I would probably say 'no longer' rather than 'no more' but either way this would be a good addition to the release notes.

@claudep
Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Committed in e6f45aa. Thanks Mark for the grammatical tip. I'm at war with no more/no longer :-)

Please sign in to comment.