From 9ae44949b75cd220c6d67a97d148cfa9ac9f9fb9 Mon Sep 17 00:00:00 2001
From: Thierry Parmentelat <thierry.parmentelat@inria.fr>
Date: Fri, 8 Mar 2013 14:28:37 +0100
Subject: [PATCH] return 403 if csrf is not OK with our custom view

---
 engine/manifoldproxy.py | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/engine/manifoldproxy.py b/engine/manifoldproxy.py
index 1d629c78..52c747ff 100644
--- a/engine/manifoldproxy.py
+++ b/engine/manifoldproxy.py
@@ -7,7 +7,7 @@
 import json
 # this is for django objects only
 #from django.core import serializers
-from django.http import HttpResponse
+from django.http import HttpResponse, HttpResponseForbidden
 
 # xxx should probably cater for
 # format_in : how is the query encoded in POST
@@ -34,4 +34,4 @@ def api (request,format):
 failure_answer=[ "csrf_failure" ]
 def csrf_failure(request, reason=""):
     print "CSRF failure with reason '%s'"%reason
-    return HttpResponseForbidden (json.dump (failure_answer), mimetype="application/json")
+    return HttpResponseForbidden (json.dumps (failure_answer), mimetype="application/json")
-- 
2.43.0