Hi list,
Three more patches:
0001-Update-ssl_required-decorator-to-play-nice-with-othe.patch
This is the important one to make /api/varnish/purge/ work again. The
@ssl_required decorator now cooperates with other decorators and
retains attributes, rather than overriding them all.
The other 2 decorators in util/decorators.py probably also need this
fix, but I decided not to do it now to reduce testing effort.
0002-Fix-small-bug-in-api_varnish_purge-error-path.patch
Insignificant: return HttpResponse instead of raising it in error path.
0003-CSRF-verification-failure-now-returns-HTTP-403-Forbi.patch
The CSRF failure view previously returned with HTTP status 200 OK.
That's wrong -- apps and browsers should be signaled that the request
failed. Now returns 403 Forbidden.
Regards,
Marti