[Pypi-checkins] r960 - trunk/pypi
richard
python-checkins at python.org
Tue Aug 23 08:48:28 CEST 2011
Author: richard
Date: Tue Aug 23 08:48:28 2011
New Revision: 960
Modified:
trunk/pypi/webui.py
Log:
remove csrf token check from distutils register/upload command handlers
Modified: trunk/pypi/webui.py
==============================================================================
--- trunk/pypi/webui.py (original)
+++ trunk/pypi/webui.py Tue Aug 23 08:48:28 2011
@@ -1776,9 +1776,6 @@
self.validate_metadata(data)
except ValueError, message:
raise FormError, message
-
- if self.form['CSRFToken'] != self.store.get_token(self.username):
- raise FormError, "Form Failure; reset form submission"
name = data['name']
version = data['version']
@@ -2130,8 +2127,6 @@
if not self.authenticated:
raise Unauthorised, \
"You must be identified to edit package information"
- if self.form['CSRFToken'] != self.store.get_token(self.username):
- raise FormError, "Form Failure; reset form submission"
# Verify protocol version
if self.form.has_key('protocol_version'):
More information about the Pypi-checkins
mailing list