Andal.LND/edx-platform
6
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

PLAT-1749 Support Django 1.10+ CSRF tokens

Browse Source
This commit is contained in:
Jeremy Bowman
2017-12-06 13:18:00 -05:00
parent 98b391a278
commit 19709cd36f
6 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
cms/envs/common.py
View File

@@ -442,7 +442,7 @@ MIDDLEWARE_CLASSES = [
'openedx.core.djangoapps.header_control.middleware.HeaderControlMiddleware',
'django.middleware.cache.UpdateCacheMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'birdcage.v1_11.csrf.CsrfViewMiddleware',
'django.contrib.sites.middleware.CurrentSiteMiddleware',
# Instead of SessionMiddleware, we use a more secure version

2
lms/envs/common.py
View File

@@ -1268,7 +1268,7 @@ MIDDLEWARE_CLASSES = [
'corsheaders.middleware.CorsMiddleware',
'openedx.core.djangoapps.cors_csrf.middleware.CorsCSRFMiddleware',
'openedx.core.djangoapps.cors_csrf.middleware.CsrfCrossDomainCookieMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'birdcage.v1_11.csrf.CsrfViewMiddleware',
'splash.middleware.SplashMiddleware',

2
lms/envs/load_test.py
View File

@@ -11,7 +11,7 @@ from .aws import *
# Disable CSRF for load testing
EXCLUDE_CSRF = lambda elem: elem not in [
'django.template.context_processors.csrf',
'django.middleware.csrf.CsrfViewMiddleware'
'birdcage.v1_11.csrf.CsrfViewMiddleware'
]
DEFAULT_TEMPLATE_ENGINE['OPTIONS']['context_processors'] = filter(
EXCLUDE_CSRF, DEFAULT_TEMPLATE_ENGINE['OPTIONS']['context_processors']

2
openedx/core/djangoapps/cors_csrf/middleware.py
View File

@@ -46,7 +46,7 @@ import logging
from django.conf import settings
from django.core.exceptions import ImproperlyConfigured, MiddlewareNotUsed
from django.middleware.csrf import CsrfViewMiddleware
from birdcage.v1_11.csrf import CsrfViewMiddleware
from .helpers import is_cross_domain_request_allowed, skip_cross_domain_referer_check

2
openedx/core/djangoapps/cors_csrf/tests/test_middleware.py
View File

@@ -9,7 +9,7 @@ from django.test import TestCase
from django.test.utils import override_settings
from django.core.exceptions import MiddlewareNotUsed, ImproperlyConfigured
from django.http import HttpResponse
from django.middleware.csrf import CsrfViewMiddleware
from birdcage.v1_11.csrf import CsrfViewMiddleware
from ..middleware import CorsCSRFMiddleware, CsrfCrossDomainCookieMiddleware

1
requirements/edx/base.txt
View File

@@ -17,6 +17,7 @@ dealer==2.0.4
defusedxml==0.4.1
django-babel-underscore==0.5.2
markey==0.8 # From django-babel-underscore
django-birdcage==1.0.0
django-config-models==0.1.8
django-countries==4.6.1
django-filter==1.0.4