# HG changeset patch # User Production Moz # Date 1337291883 -7200 # Node ID 83b032cbf471f83c8b524e2f770df273dba2075e # Parent 96c16cc6408b2f1ca00f00d54efff90a2a26daff Avoids HTTP 403 on reset password, seehttps://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ref-contrib-csrf. diff -r 96c16cc6408b -r 83b032cbf471 src/cm/settings.py --- a/src/cm/settings.py Tue May 15 14:15:34 2012 +0200 +++ b/src/cm/settings.py Thu May 17 23:58:03 2012 +0200 @@ -78,6 +78,7 @@ 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.locale.LocaleMiddleware', 'djangoflash.middleware.FlashMiddleware', + 'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'cm.middleware.CmMiddleware', ) diff -r 96c16cc6408b -r 83b032cbf471 src/cm/templates/site/forgot_pw.html --- a/src/cm/templates/site/forgot_pw.html Tue May 15 14:15:34 2012 +0200 +++ b/src/cm/templates/site/forgot_pw.html Thu May 17 23:58:03 2012 +0200 @@ -14,7 +14,7 @@

{% blocktrans %}Reset my password{% endblocktrans %}

{% if form %} -
+{% csrf_token %} @@ -45,4 +45,4 @@

{% endif %} -{% endblock %} \ No newline at end of file +{% endblock %} diff -r 96c16cc6408b -r 83b032cbf471 src/cm/templates/site/login_form.html --- a/src/cm/templates/site/login_form.html Tue May 15 14:15:34 2012 +0200 +++ b/src/cm/templates/site/login_form.html Thu May 17 23:58:03 2012 +0200 @@ -1,7 +1,7 @@ {% load i18n %}
- +{% csrf_token %}
{% blocktrans with CONF.workspace_name as wname %}{{ wname }} Login{% endblocktrans %} diff -r 96c16cc6408b -r 83b032cbf471 src/cm/templates/site/reset_pw.html --- a/src/cm/templates/site/reset_pw.html Tue May 15 14:15:34 2012 +0200 +++ b/src/cm/templates/site/reset_pw.html Thu May 17 23:58:03 2012 +0200 @@ -27,4 +27,4 @@
-{% endblock %} \ No newline at end of file +{% endblock %}