VladPolskiy/postgres-web
1
0
Fork 0
mirror of https://github.com/postgres/pgweb.git synced 2025-08-10 00:42:06 +00:00
Code Issues Packages Projects Releases Wiki Activity

CSRF verification failure now returns HTTP 403 Forbidden, not 200 OK

Browse Source
This commit is contained in:
Marti Raudsepp
2012-11-07 23:20:09 +02:00
committed by Magnus Hagander
parent 6008f93843
commit a923f93b17
1 changed files with 3 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
pgweb/core/views.py
View File

@ -152,9 +152,11 @@ def sitemap(request):
@nocache @nocache
def csrf_failure(request, reason=''): def csrf_failure(request, reason=''):
return render_to_response('errors/csrf_failure.html', { resp = render_to_response('errors/csrf_failure.html', {
'reason': reason, 'reason': reason,
}) })
resp.status_code = 403 # Forbidden
return resp
# Basic information about the connection # Basic information about the connection
@cache(seconds=30) @cache(seconds=30)