Skip to content

E
edx-platform
Commit dcc72a2a by ichuang
Options

added csrf handling to quickedit

parent 22572bf8
Showing with 2 additions and 0 deletions
djangoapps/courseware/views.py
...@@ -387,6 +387,7 @@ def quickedit(request, id=None): ...@@ -387,6 +387,7 @@ def quickedit(request, id=None):
'pxmls' : pxmls, 'pxmls' : pxmls,
'phtml' : phtml, 'phtml' : phtml,
'init_js':instance.get_init_js(), 'init_js':instance.get_init_js(),
'csrf':csrf(request)['csrf_token'],
} }
result = render_to_response('quickedit.html', context) result = render_to_response('quickedit.html', context)
......
templates/quickedit.html
...@@ -53,6 +53,7 @@ function postJSON(url, data, callback) { ...@@ -53,6 +53,7 @@ function postJSON(url, data, callback) {
<br/> <br/>
<input type="submit" value="Change Problem" name="qesubmit" /> <input type="submit" value="Change Problem" name="qesubmit" />
<input type="submit" value="Revert to original" name="qesubmit" /> <input type="submit" value="Revert to original" name="qesubmit" />
<input type="hidden" name="csrfmiddlewaretoken" value="${csrf}"/>
</form> </form>
<span>${msg|n}</span> <span>${msg|n}</span>
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment