From cbcb0ee8abb63ce1690f7a020d9eb9f7d6840c06 Mon Sep 17 00:00:00 2001
From: Calen Pennington <cale@edx.org>
Date: Fri, 27 Feb 2015 09:48:42 -0500
Subject: [PATCH] Teach edx-mako to force csrf_tokens to unicode (from
 smart_strings)

---
 common/djangoapps/edxmako/shortcuts.py     | 7 +++++++
 lms/djangoapps/courseware/module_render.py | 2 +-
 2 files changed, 8 insertions(+), 1 deletion(-)

diff --git a/common/djangoapps/edxmako/shortcuts.py b/common/djangoapps/edxmako/shortcuts.py
index f7e90823d8..daa2feeda8 100644
--- a/common/djangoapps/edxmako/shortcuts.py
+++ b/common/djangoapps/edxmako/shortcuts.py
@@ -122,6 +122,13 @@ def render_to_string(template_name, dictionary, context=None, namespace='main'):
         context_dictionary.update(item)
     if context:
         context_dictionary.update(context)
+
+    # "Fix" CSRF token by evaluating the lazy object
+    KEY_CSRF_TOKENS = ('csrf_token', 'csrf')
+    for key in KEY_CSRF_TOKENS:
+        if key in context_dictionary:
+            context_dictionary[key] = unicode(context_dictionary[key])
+
     # fetch and render template
     template = lookup_template(namespace, template_name)
     return template.render_unicode(**context_dictionary)
diff --git a/lms/djangoapps/courseware/module_render.py b/lms/djangoapps/courseware/module_render.py
index 166bf1029e..e0ec21d6eb 100644
--- a/lms/djangoapps/courseware/module_render.py
+++ b/lms/djangoapps/courseware/module_render.py
@@ -975,7 +975,7 @@ def xblock_view(request, course_id, usage_id, view_name):
     return JsonResponse({
         'html': fragment.content,
         'resources': hashed_resources.items(),
-        'csrf_token': str(csrf(request)['csrf_token']),
+        'csrf_token': unicode(csrf(request)['csrf_token']),
     })