Files · fc9be55d436dbdd4a667d331348cfb5f421c4c91 · edx / django-rest-framework

Alter CSRF exemption implementation · fc9be55d

The previous implementation of decorating `APIView.dispach` with the
`csrf_exempt` decorator allowed for an easy-to-make mistake where
someone could override the `dispatch` method on a view and inadvertantly
remove the csrf exemption of their api view.

By moving the decoration of the view into the `as_view` logic, it
becomes much more difficult to make this mistake.

committed Sep 03, 2014

fc9be55d

Name	Last commit	Last update
docs		Loading commit data...
rest_framework		Loading commit data...
tests		Loading commit data...
.gitignore		Loading commit data...
.travis.yml		Loading commit data...
CONTRIBUTING.md		Loading commit data...
MANIFEST.in		Loading commit data...
README.md		Loading commit data...
mkdocs.py		Loading commit data...
requirements-test.txt		Loading commit data...
requirements.txt		Loading commit data...
runtests.py		Loading commit data...
setup.cfg		Loading commit data...
setup.py		Loading commit data...
tox.ini		Loading commit data...

README.md