aboutsummaryrefslogtreecommitdiffstats
path: root/mediagoblin/meddleware/csrf.py
diff options
context:
space:
mode:
authorSebastian Spaeth <Sebastian@SSpaeth.de>2012-11-15 16:55:15 +0100
committerSebastian Spaeth <Sebastian@SSpaeth.de>2012-12-21 08:11:40 +0100
commit62d14bf50baf45ac15fe5276be74b073de880f77 (patch)
tree276c420216440323485f85c4040592a764e374fc /mediagoblin/meddleware/csrf.py
parent059eaee4dfa40e3c2e67b7d638f49955b68d9c31 (diff)
downloadmediagoblin-62d14bf50baf45ac15fe5276be74b073de880f77.tar.lz
mediagoblin-62d14bf50baf45ac15fe5276be74b073de880f77.tar.xz
mediagoblin-62d14bf50baf45ac15fe5276be74b073de880f77.zip
Transition webob.HttpForbidden to webob's exceptions Forbidden
Also the BadRequest exception.
Diffstat (limited to 'mediagoblin/meddleware/csrf.py')
-rw-r--r--mediagoblin/meddleware/csrf.py12
1 files changed, 7 insertions, 5 deletions
diff --git a/mediagoblin/meddleware/csrf.py b/mediagoblin/meddleware/csrf.py
index 1488e6d9..65db9827 100644
--- a/mediagoblin/meddleware/csrf.py
+++ b/mediagoblin/meddleware/csrf.py
@@ -17,7 +17,7 @@
import random
import logging
-from webob.exc import HTTPForbidden
+from werkzeug.exceptions import Forbidden
from wtforms import Form, HiddenField, validators
from mediagoblin import mg_globals
@@ -128,8 +128,9 @@ class CsrfMeddleware(BaseMeddleware):
if cookie_token is None:
# the CSRF cookie must be present in the request
- _log.error('CSRF cookie not present')
- return HTTPForbidden()
+ errstr = 'CSRF cookie not present'
+ _log.error(errstr)
+ return Forbidden(errstr)
# get the form token and confirm it matches
form = CsrfForm(request.form)
@@ -142,5 +143,6 @@ class CsrfMeddleware(BaseMeddleware):
# either the tokens didn't match or the form token wasn't
# present; either way, the request is denied
- _log.error('CSRF validation failed')
- return HTTPForbidden()
+ errstr = 'CSRF validation failed'
+ _log.error(errstr)
+ return Forbidden(errstr)
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-07 22:37:49 +0000