From 9f02371d6a9d9595b805b9acdbd5225cc59ff2c9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?P=C4=93teris=20Caune?= Date: Wed, 24 Oct 2018 10:06:51 +0300 Subject: [PATCH] Report unsubscribe link works with POST. Include "X-Bounce-Url" header in report emails. --- hc/accounts/models.py | 6 +++++- hc/accounts/views.py | 2 ++ 2 files changed, 7 insertions(+), 1 deletion(-) diff --git a/hc/accounts/models.py b/hc/accounts/models.py index 869a542b..f6d701ca 100644 --- a/hc/accounts/models.py +++ b/hc/accounts/models.py @@ -152,7 +152,11 @@ class Profile(models.Model): unsub_url = self.reports_unsub_url() - headers = {"List-Unsubscribe": unsub_url} + headers = { + "List-Unsubscribe": unsub_url, + "X-Bounce-Url": unsub_url + } + ctx = { "checks": checks, "sort": self.sort, diff --git a/hc/accounts/views.py b/hc/accounts/views.py index 4abc2f83..3eeb51ac 100644 --- a/hc/accounts/views.py +++ b/hc/accounts/views.py @@ -13,6 +13,7 @@ from django.core import signing from django.http import HttpResponseForbidden, HttpResponseBadRequest from django.shortcuts import redirect, render from django.utils.timezone import now +from django.views.decorators.csrf import csrf_exempt from django.views.decorators.http import require_POST from hc.accounts.forms import (ChangeEmailForm, EmailPasswordForm, InviteTeamMemberForm, RemoveTeamMemberForm, @@ -344,6 +345,7 @@ def change_email_done(request): return render(request, "accounts/change_email_done.html") +@csrf_exempt def unsubscribe_reports(request, username): signer = signing.TimestampSigner(salt="reports") try: