Hi, I just upgraded to Django 1.2 and am having some problems.
My project contains several customised django.contrib.admin sites that
offer highly stripped down subsets of admin functionality. These
customised sites do not use authentication and are expected to be
POSTed to both by users and by external applications. This new cross-
site request forgery protection magic therefore severely gets in the
way.
Is there a quick/simple way to turn CSRF protection off for these
AdminSite subclasses? I've tried decorating my (already over-ridden
views) with "csrf_exempt" and am already over-riding the templates
with ones that don't have a {% csrf_token %} tag, but I'm still
getting CSRF 403 errors.
Regards,
Paul.
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
