django-commons · peplin · Feb 22, 2011 · Apr 4, 2011
diff --git a/debug_toolbar/views.py b/debug_toolbar/views.py
@@ -12,6 +12,7 @@
 from django.shortcuts import render_to_response
 from django.utils import simplejson
 from django.utils.hashcompat import sha_constructor
+from django.views.decorators.csrf import csrf_exempt
 
 class InvalidSQLError(Exception):
     def __init__(self, value):
@@ -26,6 +27,7 @@ def debug_media(request, path):
         root = os.path.join(parent, 'media', 'debug_toolbar')
     return django.views.static.serve(request, path, root)
 
+@csrf_exempt
 def sql_select(request):
     """
     Returns the output of the SQL SELECT statement.
@@ -58,6 +60,7 @@ def sql_select(request):
         return render_to_response('debug_toolbar/panels/sql_select.html', context)
     raise InvalidSQLError("Only 'select' queries are allowed.")
 
+@csrf_exempt
 def sql_explain(request):
     """
     Returns the output of the SQL EXPLAIN on the given query.
@@ -98,6 +101,7 @@ def sql_explain(request):
         return render_to_response('debug_toolbar/panels/sql_explain.html', context)
     raise InvalidSQLError("Only 'select' queries are allowed.")
 
+@csrf_exempt
 def sql_profile(request):
     """
     Returns the output of running the SQL and getting the profiling statistics.
@@ -141,6 +145,7 @@ def sql_profile(request):
         return render_to_response('debug_toolbar/panels/sql_profile.html', context)
     raise InvalidSQLError("Only 'select' queries are allowed.")
 
+@csrf_exempt
 def template_source(request):
     """
     Return the source of a template, syntax-highlighted by Pygments if