Home Explore Help
Sign In
221V
/
Misago
1
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Browse Source

Decorated views with sensitive_post_parameters

Rafał Pitoń 11 years ago
parent
bb49e1163a
commit
407782a680
2 changed files with 4 additions and 0 deletions
Unified View Show Diff Stats
  1. 2 0
      misago/users/views/api.py
  2. 2 0
      misago/users/views/register.py

+ 2 - 0
misago/users/views/api.py
View File 

@@ -1,6 +1,7 @@
 
 from django.core.exceptions import ValidationError
 
 from django.core.exceptions import ValidationError
 
 from django.http import JsonResponse
 
 from django.http import JsonResponse
 
 from django.utils.translation import ugettext as _
 
 from django.utils.translation import ugettext as _
 
+from django.views.decorators.debug import sensitive_post_parameters
 
 
 
 from misago.core.decorators import ajax_only, require_POST
 
 from misago.core.decorators import ajax_only, require_POST
 
 
 
@@ -8,6 +9,7 @@ from misago.users import validators
 
 
 
 
 
 def api(f):
 
 def api(f):
 
+    @sensitive_post_parameters
 
     @ajax_only
 
     @ajax_only
 
     @require_POST
 
     @require_POST
 
     def decorator(request, *args, **kwargs):
 
     def decorator(request, *args, **kwargs):

+ 2 - 0
misago/users/views/register.py
View File 

@@ -1,4 +1,5 @@
 
 from django.shortcuts import redirect, render
 
 from django.shortcuts import redirect, render
 
+from django.views.decorators.debug import sensitive_post_parameters
 
 
 
 from misago.conf import settings
 
 from misago.conf import settings
 
 from misago.users.decorators import deny_authenticated, deny_banned_ips
 
 from misago.users.decorators import deny_authenticated, deny_banned_ips
 
@@ -14,6 +15,7 @@ def register_decorator(f):
 
     return decorator
 
     return decorator
 
 
 
 
 
+@sensitive_post_parameters
 
 @deny_authenticated
 
 @deny_authenticated
 
 @deny_banned_ips
 
 @deny_banned_ips
 
 @register_decorator
 
 @register_decorator