Skip to content

Instantly share code, notes, and snippets.

@jimmyislive

jimmyislive/csrf_decorator.py

Created October 19, 2016 06:58
Show Gist options
  • Save jimmyislive/a00869b596b19482811a1f78568104f9 to your computer and use it in GitHub Desktop.
Save jimmyislive/a00869b596b19482811a1f78568104f9 to your computer and use it in GitHub Desktop.
Download ZIP
csrf origin check
Raw
csrf_decorator.py
def csrf_check(web_request):
def real_decorator(view_func):
@wraps(view_func)
def wrapper(*args, **kwargs):
if (request.method == 'GET'):
return view_func(*args, **kwargs)
u = urlparse(request.headers['Origin'])
if u.netloc in ['www.my_awesome_domain.com', 'my_awesome_domain.com']:
return view_func(*args, **kwargs)
raise Unauthorized('Not Authorized')
return wrapper
return real_decorator
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment