Revert "made Browsable API base template cachable: omit CSRF token when unnecessary (#7717)" (#7847)

This reverts commit 9c9ffb18f4.

rest_framework/templates/rest_framework/base.html

@@ -290,7 +290,7 @@
       <script>
         window.drf = {
           csrfHeaderName: "{{ csrf_header_name|default:'X-CSRFToken' }}",
-          csrfToken: "{% if request %}{% if post_form or put_form %}{{ csrf_token }}{% endif %}{% endif %}"
+          csrfToken: "{% if request %}{{ csrf_token }}{% endif %}"
         };
       </script>
       <script src="{% static "rest_framework/js/jquery-3.5.1.min.js" %}"></script>

tests/test_templates.py

@@ -3,23 +3,15 @@ import re
 from django.shortcuts import render
 
 
+def test_base_template_with_context():
+    context = {'request': True, 'csrf_token': 'TOKEN'}
+    result = render({}, 'rest_framework/base.html', context=context)
+    assert re.search(r'\bcsrfToken: "TOKEN"', result.content.decode())
+
+
 def test_base_template_with_no_context():
     # base.html should be renderable with no context,
     # so it can be easily extended.
     result = render({}, 'rest_framework/base.html')
     # note that this response will not include a valid CSRF token
     assert re.search(r'\bcsrfToken: ""', result.content.decode())
-
-
-def test_base_template_with_simple_context():
-    context = {'request': True, 'csrf_token': 'TOKEN'}
-    result = render({}, 'rest_framework/base.html', context=context)
-    # note that response will STILL not include a CSRF token
-    assert re.search(r'\bcsrfToken: ""', result.content.decode())
-
-
-def test_base_template_with_editing_context():
-    context = {'request': True, 'post_form': object(), 'csrf_token': 'TOKEN'}
-    result = render({}, 'rest_framework/base.html', context=context)
-    # response includes a CSRF token in support of the POST form
-    assert re.search(r'\bcsrfToken: "TOKEN"', result.content.decode())