Merge pull request #1887 from pipermerriam/piper/decorate_as_view_response_from_viewsets

Fix missing CSRF exemption on viewsets

Merge pull request #1887 from pipermerriam/piper/decorate_as_view_response_from_viewsets
Fix missing CSRF exemption on viewsets
1e9ea377 · Tom Christie · ddbd3cb6 · 7f758d1c · 1e9ea377
Commit 1e9ea377 authored Sep 18, 2014 by Tom Christie
Show whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletions

rest_framework/viewsets.py
+2 -1

No files found.
--- a/rest_framework/viewsets.py
+++ b/rest_framework/viewsets.py
@@ -20,6 +20,7 @@ from __future__ import unicode_literals

 from functools import update_wrapper
 from django.utils.decorators import classonlymethod
+from django.views.decorators.csrf import csrf_exempt
 from rest_framework import views, generics, mixins


@@ -89,7 +90,7 @@ class ViewSetMixin(object):
        # resolved URL.
        view.cls = cls
        view.suffix = initkwargs.get('suffix', None)
-        return view
+        return csrf_exempt(view)

    def initialize_request(self, request, *args, **kargs):
        """