diff -r 8d941af65caf -r 77b6da96e6f1 web/lib/django/contrib/flatpages/views.py
--- /dev/null	Thu Jan 01 00:00:00 1970 +0000
+++ b/web/lib/django/contrib/flatpages/views.py	Wed Jun 02 18:57:35 2010 +0200
@@ -0,0 +1,54 @@
+from django.contrib.flatpages.models import FlatPage
+from django.template import loader, RequestContext
+from django.shortcuts import get_object_or_404
+from django.http import HttpResponse, HttpResponseRedirect
+from django.conf import settings
+from django.core.xheaders import populate_xheaders
+from django.utils.safestring import mark_safe
+from django.views.decorators.csrf import csrf_protect
+
+DEFAULT_TEMPLATE = 'flatpages/default.html'
+
+# This view is called from FlatpageFallbackMiddleware.process_response
+# when a 404 is raised, which often means CsrfViewMiddleware.process_view
+# has not been called even if CsrfViewMiddleware is installed. So we need
+# to use @csrf_protect, in case the template needs {% csrf_token %}.
+@csrf_protect
+def flatpage(request, url):
+    """
+    Flat page view.
+
+    Models: `flatpages.flatpages`
+    Templates: Uses the template defined by the ``template_name`` field,
+        or `flatpages/default.html` if template_name is not defined.
+    Context:
+        flatpage
+            `flatpages.flatpages` object
+    """
+    if not url.endswith('/') and settings.APPEND_SLASH:
+        return HttpResponseRedirect("%s/" % request.path)
+    if not url.startswith('/'):
+        url = "/" + url
+    f = get_object_or_404(FlatPage, url__exact=url, sites__id__exact=settings.SITE_ID)
+    # If registration is required for accessing this page, and the user isn't
+    # logged in, redirect to the login page.
+    if f.registration_required and not request.user.is_authenticated():
+        from django.contrib.auth.views import redirect_to_login
+        return redirect_to_login(request.path)
+    if f.template_name:
+        t = loader.select_template((f.template_name, DEFAULT_TEMPLATE))
+    else:
+        t = loader.get_template(DEFAULT_TEMPLATE)
+
+    # To avoid having to always use the "|safe" filter in flatpage templates,
+    # mark the title and content as already safe (since they are raw HTML
+    # content in the first place).
+    f.title = mark_safe(f.title)
+    f.content = mark_safe(f.content)
+
+    c = RequestContext(request, {
+        'flatpage': f,
+    })
+    response = HttpResponse(t.render(c))
+    populate_xheaders(request, response, FlatPage, f.id)
+    return response