Skip to content
This repository
Browse code

Fix uploads in IE. Closes #854.

  • Loading branch information...
commit e9f8ff1d0764bec30f4dabc1a3557d9efe03a302 1 parent c054d9a
Christopher Groskopf authored August 08, 2012
2  panda/api/utils.py
@@ -132,7 +132,7 @@ def try_sessions(self, request, **kwargs):
132 132
             if not same_origin(referer, good_referer):
133 133
                 return False
134 134
 
135  
-        request_csrf_token = request.META.get('HTTP_X_CSRFTOKEN', '')
  135
+        request_csrf_token = request.META.get('HTTP_X_CSRFTOKEN', '') or request.POST.get('csrfmiddlewaretoken', '')
136 136
 
137 137
         if not constant_time_compare(request_csrf_token, csrf_token):
138 138
             return False
2  panda/tests/test_api_data_upload.py
@@ -109,7 +109,7 @@ def test_upload_unauthorized(self):
109 109
         self.assertEqual(response.status_code, 200)
110 110
 
111 111
         body = json.loads(response.content)
112  
-        
  112
+
113 113
         self.assertEqual(body['success'], False)
114 114
         self.assertEqual(body['forbidden'], True)
115 115
 
2  panda/views.py
@@ -38,7 +38,7 @@ class SecureAjaxFileUploader(AjaxFileUploader):
38 38
     def __call__(self, request):
39 39
         auth = PandaAuthentication()
40 40
 
41  
-        if not auth.is_authenticated(request):
  41
+        if auth.is_authenticated(request) != True:
42 42
             # Valum's FileUploader only parses the response if the status code is 200.
43 43
             return JSONResponse({ 'success': False, 'forbidden': True }, status=200)
44 44
 

0 notes on commit e9f8ff1

Please sign in to comment.
Something went wrong with that request. Please try again.