summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorBenjamin Dauvergne <bdauvergne@entrouvert.com>2019-07-12 10:12:15 (GMT)
committerBenjamin Dauvergne <bdauvergne@entrouvert.com>2019-07-12 11:41:49 (GMT)
commit80074ea20120598ad15ff2e1f4c8faacc88fef21 (patch)
tree46254e48e46e77e426e145ccfabf69d6ae3b9b42
parentab92ca9a076326d3b8a56999945893135b2c9edd (diff)
downloaddjango-mellon-master.zip
django-mellon-master.tar.gz
django-mellon-master.tar.bz2
middleware: prevent passive authentication on ajax requests (#34781)HEADv1.3master
-rw-r--r--mellon/middleware.py3
1 files changed, 3 insertions, 0 deletions
diff --git a/mellon/middleware.py b/mellon/middleware.py
index 24b950b..bd9e82b 100644
--- a/mellon/middleware.py
+++ b/mellon/middleware.py
@@ -34,6 +34,9 @@ class PassiveAuthenticationMiddleware(object):
return response
def process_view(self, request, view_func, view_args, view_kwargs):
+ # Skip AJAX requests
+ if request.is_ajax():
+ return
# Skip views asking to be skiped
if getattr(view_func, 'mellon_no_passive', False):
return