# -*- coding: utf-8 -*-
-# This file is part of Wolnelektury, licensed under GNU Affero GPLv3 or later.
-# Copyright © Fundacja Nowoczesna Polska. See NOTICE for more information.
+# This file is part of django-ssify, licensed under GNU Affero GPLv3 or later.
+# Copyright © Fundacja Nowoczesna Polska. See README.md for more information.
#
-from __future__ import absolute_import
+from __future__ import absolute_import, unicode_literals
from django.conf import settings
-from django.core.urlresolvers import NoReverseMatch, reverse, resolve
-from django.middleware.csrf import get_token, rotate_token, _sanitize_token
+try:
+ from django.urls import NoReverseMatch, reverse, resolve
+except ImportError:
+ # Django < 2
+ from django.core.urlresolvers import NoReverseMatch, reverse, resolve
+
+from django.middleware.csrf import get_token, _sanitize_token, rotate_token
from django import template
+from django.utils.safestring import mark_safe
from django.utils.translation import get_language
from ssify.decorators import ssi_variable
+from ssify.utils import ssi_vary_on_cookie
from ssify.variables import SsiVariable
for var in pass_vars:
if not isinstance(var, SsiVariable):
var = SsiVariable(*var)
+ if not hasattr(request, 'ssi_vars_needed'):
+ request.ssi_vars_needed = {}
request.ssi_vars_needed[var.name] = var
+ # Remember the decorators to use on the including view.
+ patch_response = getattr(view, 'ssi_patch_response', None)
+ if patch_response:
+ if not hasattr(request, 'ssi_patch_response'):
+ request.ssi_patch_response = []
+ request.ssi_patch_response.extend(patch_response)
+
# Output the SSI include.
- return "<!--#include file='%s'-->" % url
+ return mark_safe("<!--#include file='%s'-->" % url)
-@ssi_variable(register, vary=('Cookie',))
+@ssi_variable(register, patch_response=[ssi_vary_on_cookie])
def get_csrf_token(request):
"""
- As CsrfViewMiddleware.process_view is never for a cached response,
- and we still need to provide a request-specific CSRF token as
- request-info ssi variable, we must make sure here that the
- CSRF token is in request.META['CSRF_COOKIE'].
+ CsrfViewMiddleware.process_view is never called for cached
+ responses, and we still need to provide a CSRF token as an
+ ssi variable, we must make sure here that the CSRF token
+ is in request.META['CSRF_COOKIE'].
"""
token = get_token(request)
@register.inclusion_tag('ssify/csrf_token.html', takes_context=True)
-def csrf_token(context):
+def ssi_csrf_token(context):
return {'request': context['request']}