On Tuesday, August 6, 2013 3:42:01 PM UTC+1, Jacob Kaplan-Moss wrote: > > We plan to take steps to address BREACH in Django itself, but in the > meantime we recommend that all users of Django understand this > vulnerability and take action if appropriate. > > Would randomizing the CSRF token on each request be the correct way to fix this in Django?
Tom -- You received this message because you are subscribed to the Google Groups "Django developers" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-developers+unsubscr...@googlegroups.com. To post to this group, send email to django-developers@googlegroups.com. Visit this group at http://groups.google.com/group/django-developers. For more options, visit https://groups.google.com/groups/opt_out.