def add_csrf_field(match): """Returns the matched <form> tag plus the added <input> element""" return (match.group() + '\n<input type="hidden" name="%s" value="%s">' % (self.settings.CSRF.form_token_name, functions.csrf_token()))
def add_csrf_field(match): """Returns the matched <form> tag plus the added <input> element""" return match.group() + '\n<input type="hidden" name="%s" value="%s">' % ( self.settings.CSRF.form_token_name, functions.csrf_token(), )
def process_response(self, request, response): if not self.settings.get_var('CSRF/enable', False): return response token = functions.csrf_token() response.set_cookie(self.settings.CSRF.cookie_token_name, token, max_age=self.settings.CSRF.timeout) if getattr(response, 'csrf_pass', False): return response if response.headers['Content-Type'].split(';')[0] in _HTML_TYPES: def add_csrf_field(match): """Returns the matched <form> tag plus the added <input> element""" return (match.group() + '\n<input type="hidden" name="%s" value="%s">' % (self.settings.CSRF.form_token_name, functions.csrf_token())) # Modify any POST forms response.data = _POST_FORM_RE.sub(add_csrf_field, response.data) return response
def process_response(self, request, response): if not self.settings.get_var("CSRF/enable", False): return response token = functions.csrf_token() response.set_cookie(self.settings.CSRF.cookie_token_name, token, max_age=self.settings.CSRF.timeout) if getattr(response, "csrf_pass", False): return response if response.headers["Content-Type"].split(";")[0] in _HTML_TYPES: def add_csrf_field(match): """Returns the matched <form> tag plus the added <input> element""" return match.group() + '\n<input type="hidden" name="%s" value="%s">' % ( self.settings.CSRF.form_token_name, functions.csrf_token(), ) # Modify any POST forms response.data = _POST_FORM_RE.sub(add_csrf_field, response.data) return response