From 317c8ceec4eacb3ed1ca7d99acaf386289a11f6a Mon Sep 17 00:00:00 2001 From: Syrus Akbary Date: Mon, 19 Sep 2016 23:14:59 -0700 Subject: [PATCH] Ensure CSRF cookie is set. Updated dev version --- graphene_django/views.py | 3 +++ setup.py | 2 +- 2 files changed, 4 insertions(+), 1 deletion(-) diff --git a/graphene_django/views.py b/graphene_django/views.py index 69beed6..27a27df 100644 --- a/graphene_django/views.py +++ b/graphene_django/views.py @@ -6,7 +6,9 @@ import six from django.http import HttpResponse, HttpResponseNotAllowed from django.http.response import HttpResponseBadRequest from django.shortcuts import render +from django.utils.decorators import method_decorator from django.views.generic import View +from django.views.decorators.csrf import ensure_csrf_cookie from graphql import Source, execute, parse, validate from graphql.error import format_error as format_graphql_error @@ -89,6 +91,7 @@ class GraphQLView(View): def get_context(self, request): return request + @method_decorator(ensure_csrf_cookie) def dispatch(self, request, *args, **kwargs): try: if request.method.lower() not in ('get', 'post'): diff --git a/setup.py b/setup.py index ef53c62..823d196 100644 --- a/setup.py +++ b/setup.py @@ -2,7 +2,7 @@ from setuptools import find_packages, setup setup( name='graphene-django', - version='1.0.dev20160919000002', + version='1.0.dev20160919000003', description='Graphene Django integration', long_description=open('README.rst').read(),