Oh, I missed this setting, stupid (i think, it is new for me, i'm using django since 1.0) thank you!
вторник, 28 апреля 2015 г., 10:51:11 UTC+3 пользователь Russell Keith-Magee написал: > > Hi Vermus, > > Calling this a security "breach" is a bit inaccurate; but I certainly > agree that it is good practice to make the framework undetectable from the > client side. > > That's why there's a setting that does exactly what you suggest: > > https://docs.djangoproject.com/en/1.8/ref/settings/#csrf-cookie-name > > Yours, > Russ Magee %-) > > > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/1f957667-00f1-424d-a5d2-92c1fe20989c%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
