def csrf_view(context, request): # Assume that anything not defined as 'safe' by RFC2616 needs # protection if (request.method not in SAFE_REQUEST_METHODS and ( # skip exception views unless value is explicitly defined getattr(request, 'exception', None) is None or explicit_val is not None)): check_csrf_origin(request, raises=True) check_csrf_token(request, resolved_val, raises=True) return view(context, request)
def csrf_view(context, request): is_from_auth_token = 'auth:auth_token' in \ request.effective_principals if is_from_auth_token: log.debug('ignoring CSRF check, auth token used') elif (request.method not in safe_methods and ( getattr(request, 'exception', None) is None or explicit_val is not None)): check_csrf_origin(request, raises=True) check_csrf_token(request, token, header, raises=True) return view(context, request)
def csrf_view(context, request): is_from_auth_token = "auth:auth_token" in request.effective_principals if is_from_auth_token: log.debug("ignoring CSRF check, auth token used") elif request.method not in safe_methods and ( # skip exception views unless value is explicitly defined getattr(request, "exception", None) is None or explicit_val is not None): check_csrf_origin(request, raises=True) check_csrf_token(request, token, header, raises=True) return view(context, request)
def csrf_view(context, request): if ( request.method not in safe_methods and ( # skip exception views unless value is explicitly defined getattr(request, 'exception', None) is None or explicit_val is not None ) ): check_csrf_origin(request, raises=True) check_csrf_token(request, token, header, raises=True) return view(context, request)
def csrf_view(context, request): # Assume that anything not defined as 'safe' by RFC2616 needs # protection if ( request.method not in SAFE_REQUEST_METHODS and ( # skip exception views unless value is explicitly defined getattr(request, 'exception', None) is None or explicit_val is not None ) ): check_csrf_origin(request, raises=True) check_csrf_token(request, resolved_val, raises=True) return view(context, request)
def csrf_view(context, request): if request.method not in safe_methods and (callback is None or callback(request)): check_csrf_origin(request, raises=True) check_csrf_token(request, token, header, raises=True) return view(context, request)
def csrf_view(context, request): if request.method not in safe_methods: check_csrf_origin(request, raises=True) check_csrf_token(request, token, header, raises=True) return view(context, request)
def csrf_view(context, request): if (request.method not in safe_methods and (callback is None or callback(request))): check_csrf_origin(request, raises=True) check_csrf_token(request, token, header, raises=True) return view(context, request)