Exclude the ftp info upload page from CSRF checks
authorMagnus Hagander <magnus@hagander.net>
Sun, 16 Jun 2013 16:32:06 +0000 (18:32 +0200)
committerMagnus Hagander <magnus@hagander.net>
Sun, 16 Jun 2013 16:32:30 +0000 (18:32 +0200)
This is a pure PUT from a trusted IP, so it fails with 403 with the
CSRF middleware.

pgweb/downloads/views.py

index 6cdae8a33c6ce34f491ff9fc010bc5c2d616a526..2c4758701364fada16d9f6b16aaed572b7d0a096 100644 (file)
@@ -2,6 +2,7 @@ from django.shortcuts import render_to_response, get_object_or_404
 from django.http import HttpResponse, Http404, HttpResponseRedirect
 from django.template import TemplateDoesNotExist, loader, Context
 from django.contrib.auth.decorators import login_required
+from django.views.decorators.csrf import csrf_exempt
 from django.db import connection, transaction
 from django.conf import settings
 
@@ -105,6 +106,7 @@ def _get_numeric_ip(request):
 # There is no concurrency check - the ftp site better not send more than one
 # file in parallel.
 @ssl_required
+@csrf_exempt
 def uploadftp(request):
        if request.method != 'PUT':
                return HttpServerError("Invalid method")
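Review bot: `@csrf_exempt` sits underneath `@ssl_required`, but Django's CSRF middleware reads the `csrf_exempt` attribute from the outermost callable the URL resolver hands it, so the exemption only takes effect if `ssl_required` copies function attributes onto its wrapper (for example via `functools.wraps`); that decorator's definition is not visible in this hunk. Listing `@csrf_exempt` first, above `@ssl_required`, removes that dependency. With the CSRF check gone, the source-IP test is the only thing guarding this PUT, so a comment such as `# CSRF-exempt: non-browser PUT, authorised solely by the source-IP check below` would make the trust assumption explicit. It is also worth confirming that `_get_numeric_ip` never derives the address from a client-supplied header. The body of `uploadftp` continues past the end of the hunk, so the IP check itself could not be reviewed here.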