Commit b4bb5cd0 authored by Grzegorz Slusarek's avatar Grzegorz Slusarek
Browse files

Fixed #23585 - Corrected internal comment. 

Removed misleading comment and provide correct one, explaining
idea behind hardcoded CSRF template context processor.
parent 4f90c996

django/template/context.py

+1 −3
Original line number Diff line number Diff line
@@ -3,9 +3,7 @@ from django.utils.module_loading import import_string 


# Cache of actual callables.

_standard_context_processors = None

# We need the CSRF processor no matter what the user has in their settings,

# because otherwise it is a security vulnerability, and we can't afford to leave

# this to human error or failure to read migration instructions.

# Hard-coded processor for easier use of CSRF protection.

_builtin_context_processors = ('django.core.context_processors.csrf',)