#21495: Add a setting for CSRF Header name
-------------------------------------+-------------------------------------
Reporter: hello@… | Owner: nobody
Type: New feature | Status: new
Component: HTTP handling | Version: 1.6
Severity: Normal | Resolution:
Keywords: | Triage Stage: Accepted
csrf,header,angularjs | Needs documentation: 0
Has patch: 1 | Patch needs improvement: 0
Needs tests: 0 | UI/UX: 0
Easy pickings: 1 |
-------------------------------------+-------------------------------------
Changes (by zerok):
* needs_better_patch: => 0
* needs_docs: => 0
* needs_tests: => 0
* stage: Unreviewed => Accepted
Comment:
Since also the cookie name is also configurable it definitely makes sense
to also make the header name configurable since it might be used from the
Django-context. The same is not necessarily true for the name of the form-
field so keeping this one hard-coded is IMO valid.
--
Ticket URL: <https://code.djangoproject.com/ticket/21495#comment:1>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-updates/077.456cbe4ab319b6bec6b4b2c733695a19%40djangoproject.com.
For more options, visit https://groups.google.com/groups/opt_out.
