From 622ded5d2b4db9d4bf948af0e1d0890edaa8bb33 Mon Sep 17 00:00:00 2001
From: Jennifer Richards <jennifer@staff.ietf.org>
Date: Fri, 22 Nov 2024 12:38:36 -0400
Subject: [PATCH] fix: ensure csrf cookie for searches (#8260)

Needed on views that include search_form.html in their responses.
---
 ietf/doc/views_search.py | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/ietf/doc/views_search.py b/ietf/doc/views_search.py
index 0f1937efb..f4ad247ff 100644
--- a/ietf/doc/views_search.py
+++ b/ietf/doc/views_search.py
@@ -56,6 +56,7 @@ from django.utils import timezone
 from django.utils.html import strip_tags
 from django.utils.cache import _generate_cache_key # type: ignore
 from django.utils.text import slugify
+from django.views.decorators.csrf import ensure_csrf_cookie
 from django_stubs_ext import QuerySetAny
 
 import debug                            # pyflakes:ignore
@@ -283,6 +284,7 @@ def retrieve_search_results(form, all_types=False):
     return docs
 
 
+@ensure_csrf_cookie
 def search(request):
     """Search for a draft"""
     # defaults for results / meta
@@ -335,6 +337,7 @@ def search(request):
     )
 
 
+@ensure_csrf_cookie
 def frontpage(request):
     form = SearchForm()
     return render(request, 'doc/frontpage.html', {'form':form})