From 21b3e3b3a09a11ee4ddaa129d051b0eb4039fe16 Mon Sep 17 00:00:00 2001
From: Parbhat Puri <parbhatpuri17@gmail.com>
Date: Tue, 9 Apr 2019 19:41:07 +0530
Subject: [PATCH] Never cache public form pages as they contain CSRF tokens

---
 opentech/public/forms/models.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/opentech/public/forms/models.py b/opentech/public/forms/models.py
index 0e9824c68..bee7352c4 100644
--- a/opentech/public/forms/models.py
+++ b/opentech/public/forms/models.py
@@ -6,7 +6,9 @@ from django.core.serializers.json import DjangoJSONEncoder
 from django.conf import settings
 from django.db import models
 from django.forms import FileField
+from django.utils.decorators import method_decorator
 from django.utils.translation import ugettext_lazy as _
+from django.views.decorators.cache import never_cache
 
 from modelcluster.fields import ParentalKey
 
@@ -40,6 +42,7 @@ class ExtendedFormBuilder(FormBuilder):
         return FileField(**options)
 
 
+@method_decorator(never_cache, name='serve')
 class FormPage(AbstractEmailForm, BasePage):
     form_builder = ExtendedFormBuilder
     subpage_types = []
-- 
GitLab