# HG changeset patch
# User ymh <ymh.work@gmail.com>
# Date 1289986135 -3600
# Node ID 37e051f2264d22df928b57afbfb4c78a57126ae1
# Parent  446e0fd2ae556fc5261939e515f3247579b8724f
csrf protection unplug

diff -r 446e0fd2ae55 -r 37e051f2264d web/ldt/text/views.py
--- a/web/ldt/text/views.py	Wed Nov 17 01:25:52 2010 +0100
+++ b/web/ldt/text/views.py	Wed Nov 17 10:28:55 2010 +0100
@@ -12,12 +12,13 @@
 from django.template.loader import render_to_string
 from django.utils.html import escape
 from django.utils.translation import ugettext as _, ungettext
+from django.views.decorators.csrf import csrf_exempt
 from httplib import CONFLICT
 from ldt.core.models import Owner
+from ldt.text.models import *
 from ldt.text.utils import boolean_convert
 from lxml import etree
 from lxml.html import fromstring, fragment_fromstring
-from ldt.text.models import *
 from string import Template
 from urllib2 import urlparse
 from utils import *
@@ -99,8 +100,10 @@
 ## Creates an annotation from a urlencoded xml content
 ## Returns an xml-structured annotation
 #@login_required
+@csrf_exempt
 def create_annotation(request, content):
-    cont = base64.urlsafe_b64decode(str(request.POST["content"]))
+    #cont = base64.urlsafe_b64decode(str(request.POST["content"]))
+    cont = str(request.POST["content"])
     doc = lxml.etree.fromstring(cont)
     
     id = unicode(doc.xpath("/iri/text-annotation/id/text()")[0])
@@ -188,6 +191,7 @@
 ## Deletes an annotation (from its id)
 ## Returns an empty xml-structured annotation
 #@login_required
+@csrf_exempt
 def delete_annotation(request, id):
     try:
         annot = Annotation.objects.get(external_id=request.POST["id"])
@@ -204,6 +208,7 @@
 ## Updates the content of an annotation
 ## Returns the xml-structured updated annotation
 #@login_required
+@csrf_exempt
 def update_annotation(request, content, id):
     try:
         annot = Annotation.objects.get(external_id=request.POST["id"])
diff -r 446e0fd2ae55 -r 37e051f2264d web/leezam/config.py.tmpl
--- a/web/leezam/config.py.tmpl	Wed Nov 17 01:25:52 2010 +0100
+++ b/web/leezam/config.py.tmpl	Wed Nov 17 10:28:55 2010 +0100
@@ -2,7 +2,7 @@
 
 SITE_ID = 1
 
-BASE_DIR = os.path.dirname(os.path.abspath(__file__)).lstrip("/")+"/"
+BASE_DIR = os.path.dirname(os.path.abspath(__file__)).rstrip("/")+"/"
 BASE_URL = '/~ymh/leezam/'
 WEB_URL = 'http://localhost/'
 MEDIA_BASE_URL = BASE_URL + 'static/'
diff -r 446e0fd2ae55 -r 37e051f2264d web/leezam/settings.py
--- a/web/leezam/settings.py	Wed Nov 17 01:25:52 2010 +0100
+++ b/web/leezam/settings.py	Wed Nov 17 10:28:55 2010 +0100
@@ -75,7 +75,7 @@
 MIDDLEWARE_CLASSES = (
     'django.middleware.common.CommonMiddleware',
     'django.contrib.sessions.middleware.SessionMiddleware',
-    'django.middleware.csrf.CsrfViewMiddleware',
+#    'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.middleware.locale.LocaleMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',