Remove the language select form from error pages
- Without the language select form, no CSRF cookies will be sentremove-default-role
parent
fc9c989e5f
commit
a746c14d9f
|
@ -37,7 +37,6 @@ from django.conf import settings
|
|||
from django.http import HttpResponse, HttpResponseRedirect, Http404
|
||||
from django.shortcuts import get_object_or_404
|
||||
from django.shortcuts import render
|
||||
from django.views.decorators.csrf import csrf_exempt
|
||||
from django.views.static import serve
|
||||
|
||||
from readthedocs.builds.models import Version
|
||||
|
@ -99,7 +98,6 @@ def map_project_slug(view_func):
|
|||
return inner_view
|
||||
|
||||
|
||||
@csrf_exempt
|
||||
@map_project_slug
|
||||
@map_subproject_slug
|
||||
def redirect_project_slug(request, project, subproject): # pylint: disable=unused-argument
|
||||
|
@ -107,7 +105,6 @@ def redirect_project_slug(request, project, subproject): # pylint: disable=unus
|
|||
return HttpResponseRedirect(resolve(subproject or project))
|
||||
|
||||
|
||||
@csrf_exempt
|
||||
@map_project_slug
|
||||
@map_subproject_slug
|
||||
def redirect_page_with_filename(request, project, subproject, filename): # pylint: disable=unused-argument # noqa
|
||||
|
@ -147,7 +144,6 @@ def _serve_file(request, filename, basepath):
|
|||
return response
|
||||
|
||||
|
||||
@csrf_exempt
|
||||
@map_project_slug
|
||||
@map_subproject_slug
|
||||
def serve_docs(
|
||||
|
|
|
@ -10,6 +10,9 @@
|
|||
{% include "error_header.html" %}
|
||||
{% endblock %}
|
||||
|
||||
{# Hide the language select form so we don't set a CSRF cookie #}
|
||||
{% block language-select-form %}{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
<h3>Permission Denied</h3>
|
||||
<p>
|
||||
|
|
|
@ -10,6 +10,9 @@
|
|||
{% include "error_header.html" %}
|
||||
{% endblock %}
|
||||
|
||||
{# Hide the language select form so we don't set a CSRF cookie #}
|
||||
{% block language-select-form %}{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
{% if suggestion %}
|
||||
<div class="suggestions">
|
||||
|
|
|
@ -9,6 +9,9 @@
|
|||
{% include "error_header.html" %}
|
||||
{% endblock %}
|
||||
|
||||
{# Hide the language select form so we don't set a CSRF cookie #}
|
||||
{% block language-select-form %}{% endblock %}
|
||||
|
||||
{% block content %}
|
||||
<pre style="line-height: 1.25; white-space: pre;">
|
||||
.
|
||||
|
|
|
@ -178,6 +178,7 @@
|
|||
</p>
|
||||
</div>
|
||||
|
||||
{% block language-select-form %}
|
||||
<div class="column-setlang">
|
||||
{% get_current_language as current_lang %}
|
||||
<form action="/i18n/setlang/" method="post" style="float: right">
|
||||
|
@ -196,6 +197,7 @@
|
|||
</form>
|
||||
</div>
|
||||
</div>
|
||||
{% endblock language-select-form %}
|
||||
|
||||
{% endblock %}
|
||||
|
||||
|
|
Loading…
Reference in New Issue