CGM_Public/pretix_original
2
0
Fork 1
mirror of https://github.com/pretix/pretix.git synced 2026-05-09 15:54:03 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add docs on session handling

Browse Source
This commit is contained in:
Raphael Michel
2017-10-29 00:50:09 +02:00
parent d811e42095
commit 65116563fd
3 changed files with 74 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
src/pretix/presale/urls.py
View File

@@ -31,11 +31,10 @@ frame_wrapped_urls = [
url(r'^$', pretix.presale.views.event.EventIndex.as_view(), name='event.index'),
]
event_patterns = [
# Cart/checkout patterns are a bit more complicated, as they should have simple URLs like cart/clear in normal
# cases, but need to have versions with unguessable URLs like w/8l4Y83XNonjLxoBb/cart/clear to be used in widget
# mode. This is required to prevent all clickjacking and CSRF attacks that would otherwise be possible.
# First, we define the normal version
# First, we define the normal version. The docstring of get_or_create_cart_id() has more information on this.
url(r'', include(frame_wrapped_urls)),
# Second, the widget version
url(r'w/(?P<cart_namespace>[a-zA-Z0-9]{16})/', include(frame_wrapped_urls)),