Merge pull request #1887 from pipermerriam/piper/decorate_as_view_response_from_viewsets

Fix missing CSRF exemption on viewsets
2024-11-26 11:33:59 +03:00 · 2014-09-18 19:13:47 +01:00 · 2014-09-18 19:13:47 +01:00 · 1e9ea377e3
commit 1e9ea377e3
parent ddbd3cb659 7f758d1cf6
1 changed files with 2 additions and 1 deletions
--- a/rest_framework/viewsets.py
+++ b/rest_framework/viewsets.py
@ -20,6 +20,7 @@ from __future__ import unicode_literals

 from functools import update_wrapper
 from django.utils.decorators import classonlymethod
+from django.views.decorators.csrf import csrf_exempt
 from rest_framework import views, generics, mixins


@ -89,7 +90,7 @@ class ViewSetMixin(object):
        # resolved URL.
        view.cls = cls
        view.suffix = initkwargs.get('suffix', None)
-        return view
+        return csrf_exempt(view)

    def initialize_request(self, request, *args, **kargs):
        """