Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Add CSRF protection to jumpstart.

  • Loading branch information...
commit f440cc6a433b5e6fc4038841fd06012bae86c46f 1 parent 8b3fb22
Christopher Groskopf onyxfish authored
Showing with 5 additions and 2 deletions.
  1. +2 −0  jumpstart/templates/jumpstart/index.html
  2. +3 −2 jumpstart/views.py
2  jumpstart/templates/jumpstart/index.html
View
@@ -8,6 +8,8 @@
<div class="alert alert-info"><strong>Congratulations&mdash;your PANDA is almost ready!</strong><br />Just answer a few questions to finish setting up.</div>
<form id="setup" method="POST" action="wait">
+ {% csrf_token %}
+
<div class="control-group">
<label for="timezone">What time zone does your organization do most of its work in?</label>
<select name="timezone">
5 jumpstart/views.py
View
@@ -7,6 +7,7 @@
from django.conf import settings
from django.shortcuts import render_to_response
+from django.template import RequestContext
from pytz import common_timezones
from tastypie.models import ApiKey
@@ -30,10 +31,10 @@ def run(self):
os.remove(self.pidfile)
def jumpstart(request):
- context = {
+ context = RequestContext(request, {
'settings': settings,
'timezones': common_timezones
- }
+ })
return render_to_response('jumpstart/index.html', context)
Please sign in to comment.
Something went wrong with that request. Please try again.