fix(submission): revert unnecessary CSRF exemption on FormatCodeAPI
The CSRF 403 error was expected Django behavior (no CSRF cookie in curl). FormatCodeAPI should follow SubmissionAPI's pattern (APIView, not CSRF-exempt). Verified with GET request: /api/format_code returns 405 (correct route resolution). Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
This commit is contained in:
@@ -12,7 +12,7 @@ from options.options import SysOptions
|
|||||||
|
|
||||||
# from judge.dispatcher import JudgeDispatcher
|
# from judge.dispatcher import JudgeDispatcher
|
||||||
from problem.models import Problem, ProblemRuleType
|
from problem.models import Problem, ProblemRuleType
|
||||||
from utils.api import APIView, AsyncAPIView, CSRFExemptAPIView, validate_serializer
|
from utils.api import APIView, AsyncAPIView, validate_serializer
|
||||||
from utils.cache import cache
|
from utils.cache import cache
|
||||||
from utils.captcha import Captcha
|
from utils.captcha import Captcha
|
||||||
from utils.throttling import TokenBucket
|
from utils.throttling import TokenBucket
|
||||||
@@ -284,7 +284,7 @@ class SubmissionsTodayCount(AsyncAPIView):
|
|||||||
return self.success(count)
|
return self.success(count)
|
||||||
|
|
||||||
|
|
||||||
class FormatCodeAPI(CSRFExemptAPIView):
|
class FormatCodeAPI(APIView):
|
||||||
@login_required
|
@login_required
|
||||||
@validate_serializer(FormatCodeSerializer)
|
@validate_serializer(FormatCodeSerializer)
|
||||||
def post(self, request):
|
def post(self, request):
|
||||||
|
|||||||
Reference in New Issue
Block a user