opensourceprojects.eu / osp-allura / Diff of /Allura/allura/lib/custom

Diff of /Allura/allura/lib/custom_middleware.py [2cbe26] .. [3d8df8]

Switch to side-by-side view

--- a/Allura/allura/lib/custom_middleware.py
+++ b/Allura/allura/lib/custom_middleware.py
@@ -137,9 +137,9 @@
 
     def __call__(self, environ, start_response):
         req = Request(environ)
+        param = req.str_POST.pop(self._param_name, None)
         if req.method == 'POST':
             cookie = req.cookies.get(self._cookie_name)
-            param = req.params.get(self._param_name)
             if cookie != param:
                 log.warning('CSRF attempt detected, %r != %r', cookie, param)
                 del environ['HTTP_COOKIE']