enable csrf for live-edit post

[chloro.git] / chloro / phyll / views.py

diff --git a/chloro/phyll/views.py b/chloro/phyll/views.py
index 108a8eaca508bb9f3bfc01b5e8cdb3f2ff0231c8..a03c93fe4beda075a88b04caa98d15bf30179d0b 100644 (file)
--- a/chloro/phyll/views.py
+++ b/chloro/phyll/views.py
@@ -22,7 +22,6 @@ from django.core.exceptions import PermissionDenied
 from django.http import HttpResponse, Http404
 from django.utils.feedgenerator import Atom1Feed
 from django.views import View
-from django.views.decorators.csrf import csrf_exempt
 from django.views.generic import CreateView, DeleteView, DetailView, ListView, UpdateView, TemplateView
 
 from .models import Note
@@ -55,10 +54,6 @@ class NoteEditView(UpdateView):
 class NoteApiSaveView(View):
     http_method_names = ['post']
 
-    @csrf_exempt
-    def dispatch(self, *args, **kwargs):
-        return super().dispatch(*args, **kwargs)
-
     def post(self, request, *args, **kwargs):
         note = Note.objects.get(slug=kwargs['slug'])
         note.text = request.POST['text']