Commit 4f16c544 by José Padilla

Merge pull request #4049 from clintonb/csrf-cookie-fix

Added support for custom CSRF cookie names
parents 1823662e 9d9658f1
...@@ -12,6 +12,7 @@ import json ...@@ -12,6 +12,7 @@ import json
from collections import OrderedDict from collections import OrderedDict
from django import forms from django import forms
from django.conf import settings
from django.core.exceptions import ImproperlyConfigured from django.core.exceptions import ImproperlyConfigured
from django.core.paginator import Page from django.core.paginator import Page
from django.http.multipartparser import parse_header from django.http.multipartparser import parse_header
...@@ -657,7 +658,8 @@ class BrowsableAPIRenderer(BaseRenderer): ...@@ -657,7 +658,8 @@ class BrowsableAPIRenderer(BaseRenderer):
'display_edit_forms': bool(response.status_code != 403), 'display_edit_forms': bool(response.status_code != 403),
'api_settings': api_settings 'api_settings': api_settings,
'csrf_cookie_name': settings.CSRF_COOKIE_NAME,
} }
return context return context
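Review bot: Only the cookie name is handed to the template in `'csrf_cookie_name': settings.CSRF_COOKIE_NAME`, so a project that also overrides Django's `CSRF_HEADER_NAME` may still fail CSRF checks in the browsable API if the script sends the token under a fixed header name; that header code is not in this diff, so it needs checking. If it is fixed, the header name should be passed through the context the same way and read by the script. A short comment above the new key would also help, for example `# Cookie that the browsable API's JS reads the CSRF token from.` The method that builds this dict starts outside the hunk.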
......
...@@ -33,7 +33,7 @@ function sameOrigin(url) { ...@@ -33,7 +33,7 @@ function sameOrigin(url) {
!(/^(\/\/|http:|https:).*/.test(url)); !(/^(\/\/|http:|https:).*/.test(url));
} }
var csrftoken = getCookie('csrftoken'); var csrftoken = getCookie(window.drf.csrfCookieName);
$.ajaxSetup({ $.ajaxSetup({
beforeSend: function(xhr, settings) { beforeSend: function(xhr, settings) {
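Review bot: `getCookie(window.drf.csrfCookieName)` throws a TypeError whenever `window.drf` is undefined, and the templates in this commit define that object inside `{% block script %}`, so a project template that overrides the block and still loads this script (presumably csrf.js) will hit it. The exception stops the file before `$.ajaxSetup` runs, so AJAX requests from the page would go out without the token and be rejected. A fallback keeps existing overrides working: `var csrftoken = getCookie((window.drf && window.drf.csrfCookieName) || 'csrftoken');`. The `beforeSend` callback continues outside the hunk.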
......
...@@ -230,6 +230,11 @@ ...@@ -230,6 +230,11 @@
{% if filter_form %}{{ filter_form }}{% endif %} {% if filter_form %}{{ filter_form }}{% endif %}
{% block script %} {% block script %}
<script>
window.drf = {
csrfCookieName: "{{ csrf_cookie_name|default:'csrftoken' }}"
};
</script>
<script src="{% static "rest_framework/js/jquery-1.11.3.min.js" %}"></script> <script src="{% static "rest_framework/js/jquery-1.11.3.min.js" %}"></script>
<script src="{% static "rest_framework/js/ajax-form.js" %}"></script> <script src="{% static "rest_framework/js/ajax-form.js" %}"></script>
<script src="{% static "rest_framework/js/csrf.js" %}"></script> <script src="{% static "rest_framework/js/csrf.js" %}"></script>
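Review bot: The new inline `<script>` block will not run on sites whose Content-Security-Policy disallows inline scripts, which leaves `window.drf` undefined for the scripts loaded after it. The value is also placed in a JavaScript string literal with only HTML autoescaping applied; `csrfCookieName: "{{ csrf_cookie_name|default:'csrftoken'|escapejs }}"` escapes it for that context. Carrying the name in a data attribute or a non-executable `<script type="application/json">` element that the CSRF script reads would avoid the inline script entirely. The second template hunk adds the identical block, so the same points apply there.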
......
...@@ -258,6 +258,11 @@ ...@@ -258,6 +258,11 @@
</div><!-- ./wrapper --> </div><!-- ./wrapper -->
{% block script %} {% block script %}
<script>
window.drf = {
csrfCookieName: "{{ csrf_cookie_name|default:'csrftoken' }}"
};
</script>
<script src="{% static "rest_framework/js/jquery-1.11.3.min.js" %}"></script> <script src="{% static "rest_framework/js/jquery-1.11.3.min.js" %}"></script>
<script src="{% static "rest_framework/js/ajax-form.js" %}"></script> <script src="{% static "rest_framework/js/ajax-form.js" %}"></script>
<script src="{% static "rest_framework/js/csrf.js" %}"></script> <script src="{% static "rest_framework/js/csrf.js" %}"></script>
......