Merge pull request #5856 from edx/django-require-post

The Django @require_POST decorator is cool.

Merge pull request #5856 from edx/django-require-post
The Django @require_POST decorator is cool.
6774d1c0 · David Baumgold · b0b1744e · 18083e98 · 6774d1c0
Commit 6774d1c0 authored Nov 10, 2014 by David Baumgold
Hide whitespace changes
Inline Side-by-side

Showing with 1 additions and 3 deletions

common/djangoapps/student/views.py
+1 -3

No files found.
--- a/common/djangoapps/student/views.py
+++ b/common/djangoapps/student/views.py
@@ -1790,11 +1790,9 @@ def activate_account(request, key):


 @csrf_exempt
+@require_POST
 def password_reset(request):
    """ Attempts to send a password reset e-mail. """
-    if request.method != "POST":
-        raise Http404
-
    # Add some rate limiting here by re-using the RateLimitMixin as a helper class
    limiter = BadRequestRateLimiter()
    if limiter.is_rate_limit_exceeded(request):