From 0b2fcf045e9434c6efbbddae07d8b79b779483a5 Mon Sep 17 00:00:00 2001
From: Rob Hudson
Date: Wed, 16 Mar 2011 20:59:08 -0700
Subject: Made views for AJAX sub-panels CSRF exempt.
---
 debug_toolbar/views.py | 5 +++++
 1 file changed, 5 insertions(+)
(limited to 'debug_toolbar')
diff --git a/debug_toolbar/views.py b/debug_toolbar/views.py
index bc6cdb3..4f32366 100644
--- a/debug_toolbar/views.py
+++ b/debug_toolbar/views.py
@@ -10,6 +10,7 @@ from django.conf import settings
 from django.db import connection
 from django.http import HttpResponseBadRequest
 from django.shortcuts import render_to_response
+from django.views.decorators.csrf import csrf_exempt
 from django.utils import simplejson
 from django.utils.hashcompat import sha_constructor
@@ -26,6 +27,7 @@ def debug_media(request, path):
 root = os.path.join(parent, 'media', 'debug_toolbar')
 return django.views.static.serve(request, path, root)
+@csrf_exempt
 def sql_select(request):
 """
 Returns the output of the SQL SELECT statement.
@@ -58,6 +60,7 @@ def sql_select(request):
 return render_to_response('debug_toolbar/panels/sql_select.html', context)
 raise InvalidSQLError("Only 'select' queries are allowed.")
+@csrf_exempt
 def sql_explain(request):
 """
 Returns the output of the SQL EXPLAIN on the given query.
@@ -98,6 +101,7 @@ def sql_explain(request):
 return render_to_response('debug_toolbar/panels/sql_explain.html', context)
 raise InvalidSQLError("Only 'select' queries are allowed.")
+@csrf_exempt
 def sql_profile(request):
 """
 Returns the output of running the SQL and getting the profiling statistics.
@@ -141,6 +145,7 @@ def sql_profile(request):
 return render_to_response('debug_toolbar/panels/sql_profile.html', context)
 raise InvalidSQLError("Only 'select' queries are allowed.")
+@csrf_exempt
 def template_source(request):
 """
 Return the source of a template, syntax-highlighted by Pygments if
--
cgit v1.2.3
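Review bot: The `@csrf_exempt` added above `sql_select`, and likewise above `sql_explain`, `sql_profile` and `template_source` in the later hunks, carries no comment explaining why skipping Django's CSRF check is safe. Going by their docstrings, these views execute SQL or return template source. Their bodies lie outside the hunks, so whether they validate the request some other way cannot be confirmed from here; the `sha_constructor` and `HttpResponseBadRequest` imports in the first hunk hint at a hash check, but that is an inference. If such a check exists, record it at each decorator, for example `# CSRF-exempt: AJAX sub-panel endpoint; the request is validated by the hash check in the body.` If a view has no equivalent check, drop the exemption there and have the toolbar's AJAX call send the CSRF token, since the exemption would otherwise leave that endpoint reachable by cross-site requests whenever the toolbar is enabled.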