#9977: CSRFMiddleware needs template tag
---------------------------------------------+------------------------------
Reporter: bthomas | Owner: lukeplant
Status: assigned | Milestone: 1.2
Component: HTTP handling | Version: SVN
Resolution: | Keywords: csrf
Stage: Design decision needed | Has_patch: 1
Needs_docs: 1 | Needs_tests: 0
Needs_better_patch: 1 |
---------------------------------------------+------------------------------
Comment (by Glenn):
(Sorry, I really don't want to learn a new source control system, and HG's
webpage doesn't have a clear explanation of why, as a happy, expert
Subversion user, I should even care about it. They seem to expect me to
learn how to use it, in order to figure out whether I should bother
learning how to use it; it doesn't work that way...)
"csrf_token" just seemed off to me--it's not a token that implements CSRF,
it's a token that authorizes form submissions.
I think "csrfmiddlewaretoken" in forms should be renamed to at least
"csrftoken". "Middleware" is an implementation detail--there's no need
for that to leak into HTML.
--
Ticket URL: <http://code.djangoproject.com/ticket/9977#comment:43>
Django <http://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django updates" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/django-updates?hl=en
-~----------~----~----~----~------~----~------~--~---
