Merge pull request #7155 from edx/django-upgrade/unicode-csrf-tokens

Teach edx-mako to force csrf_tokens to unicode (from smart_strings)

Merge pull request #7155 from edx/django-upgrade/unicode-csrf-tokens
Teach edx-mako to force csrf_tokens to unicode (from smart_strings)
820b0118 · Calen Pennington · 0c1cc07b · cbcb0ee8 · 820b0118 · 820b0118
Commit 820b0118 authored Feb 27, 2015 by Calen Pennington
Hide whitespace changes
Inline Side-by-side

Showing with 8 additions and 1 deletions

common/djangoapps/edxmako/shortcuts.py
+7 -0

lms/djangoapps/courseware/module_render.py
+1 -1

No files found.
--- a/common/djangoapps/edxmako/shortcuts.py
+++ b/common/djangoapps/edxmako/shortcuts.py
@@ -122,6 +122,13 @@ def render_to_string(template_name, dictionary, context=None, namespace='main'):
        context_dictionary.update(item)
    if context:
        context_dictionary.update(context)
+
+    # "Fix" CSRF token by evaluating the lazy object
+    KEY_CSRF_TOKENS = ('csrf_token', 'csrf')
+    for key in KEY_CSRF_TOKENS:
+        if key in context_dictionary:
+            context_dictionary[key] = unicode(context_dictionary[key])
+
    # fetch and render template
    template = lookup_template(namespace, template_name)
    return template.render_unicode(**context_dictionary)

--- a/lms/djangoapps/courseware/module_render.py
+++ b/lms/djangoapps/courseware/module_render.py
@@ -975,7 +975,7 @@ def xblock_view(request, course_id, usage_id, view_name):
    return JsonResponse({
        'html': fragment.content,
        'resources': hashed_resources.items(),
-        'csrf_token': str(csrf(request)['csrf_token']),
+        'csrf_token': unicode(csrf(request)['csrf_token']),
    })