added csrf handling to quickedit

dcc72a2a · ichuang · 22572bf8 · dcc72a2a · dcc72a2a
Commit dcc72a2a authored May 26, 2012 by ichuang
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 0 deletions

djangoapps/courseware/views.py
+1 -0

templates/quickedit.html
+1 -0

No files found.
--- a/djangoapps/courseware/views.py
+++ b/djangoapps/courseware/views.py
@@ -387,6 +387,7 @@ def quickedit(request, id=None):
               'pxmls' : pxmls,
               'phtml' : phtml,
               'init_js':instance.get_init_js(),
+               'csrf':csrf(request)['csrf_token'],
               }

    result = render_to_response('quickedit.html', context)

--- a/templates/quickedit.html
+++ b/templates/quickedit.html
@@ -53,6 +53,7 @@ function postJSON(url, data, callback) {
 <br/>
 <input type="submit" value="Change Problem" name="qesubmit" />
 <input type="submit" value="Revert to original" name="qesubmit" />
+<input type="hidden" name="csrfmiddlewaretoken" value="${csrf}"/>
 </form>

 <span>${msg|n}</span>