From 9202e5a1e15183b134fa15c4e1290dea8ed2acbe Mon Sep 17 00:00:00 2001
From: Nathan Yergler <nathan@yergler.net>
Date: Sat, 1 Oct 2011 14:24:49 -0700
Subject: #361: Removing additional secret key, per CW's request.

---
 mediagoblin/middleware/csrf.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'mediagoblin/middleware')

diff --git a/mediagoblin/middleware/csrf.py b/mediagoblin/middleware/csrf.py
index d41bcd87..44b799d5 100644
--- a/mediagoblin/middleware/csrf.py
+++ b/mediagoblin/middleware/csrf.py
@@ -106,7 +106,7 @@ class CsrfMiddleware(object):
 
         return hashlib.md5("%s%s" %
                            (randrange(0, self.MAX_CSRF_KEY),
-                            mg_globals.app_config['secret_key'])).hexdigest()
+                            randrange(0, self.MAX_CSRF_KEY))).hexdigest()
 
     def verify_tokens(self, request):
         """Verify that the CSRF Cookie exists and that it matches the
-- 
cgit v1.2.3