Permalink
Browse files
Safely check for X-Requested-With in publish code.
- Loading branch information...
Showing
with
1 addition
and
1 deletion.
-
+1
−1
postcards/views.py
|
|
@@ -142,7 +142,7 @@ def delete(id): |
|
|
postcard.deleted = True
|
|
|
db.session.commit()
|
|
|
|
|
|
- if request.headers['X-Requested-With'] == 'XMLHttpRequest':
|
|
|
+ if request.headers.get('X-Requested-With') == 'XMLHttpRequest':
|
|
|
return 'success!'
|
|
|
else:
|
|
|
flash('postcard deleted!')
|
|
|
|
0 comments on commit
4215a10