From 4ee92a44ffe41fbf95eceebe2f29a70d00186ca6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?P=C4=93teris=20Caune?= <cuu508@gmail.com>
Date: Mon, 9 Dec 2019 16:14:50 +0200
Subject: [PATCH] Unsubscribe is CSRF exempt.

---
 hc/front/views.py                          | 1 +
 templates/accounts/unsubscribe_submit.html | 1 -
 2 files changed, 1 insertion(+), 1 deletion(-)

diff --git a/hc/front/views.py b/hc/front/views.py
index 7aa3ea95..70b9f29d 100644
--- a/hc/front/views.py
+++ b/hc/front/views.py
@@ -701,6 +701,7 @@ def verify_email(request, code, token):
     return render(request, "bad_link.html")
 
 
+@csrf_exempt
 def unsubscribe_email(request, code, token):
     channel = get_object_or_404(Channel, code=code)
     if channel.make_token() != token:
diff --git a/templates/accounts/unsubscribe_submit.html b/templates/accounts/unsubscribe_submit.html
index 00e96de5..5082c534 100644
--- a/templates/accounts/unsubscribe_submit.html
+++ b/templates/accounts/unsubscribe_submit.html
@@ -6,7 +6,6 @@
 <p>Please press the button below to unsubscribe:</p>
 <br />
 <form id="form" method="post">
-    {% csrf_token %}
     <input
         id="submit-btn"
         type="submit"