Hi,
On 2/28/20 12:12 AM, Adam Johnson wrote:
> > The reason this was not changed yet is backwards compatibility.
>
> Do you have any mailing list / ticket links as reference?
Sorry, I forgot to link them here. The main ticket seems to be
https://code.djangoproject.com/ticket/15619.
Mailing lis
> The reason this was not changed yet is backwards compatibility.
Do you have any mailing list / ticket links as reference?
It should be noted that the popular allauth already doesn’t allow logout by
GET (by default).
Personally I’m in favour.
On Thu, 27 Feb 2020 at 17:10, René Fleschenberg
Howdy,
You guys ever seen or used this:
https://pypi.org/project/django-configurations/
Reusable settings. That would be something I would like to see in Django.
On Fri, 28 Feb 2020 at 5:49 AM, Robert Marsanyi wrote:
> I have to say, having settings as Python code is one of the features of
>
Hi everyone,
there seems to be consensus that logging the client out on GET requests
to the logout view is not great. Clients may try to prefetch links (this
came up on IRC today). Attackers might annoy users by logging them out
with embedded links to the logout URL.
The reason this was not chang
I have to say, having settings as Python code is one of the features of
Django for me. Being able to calculate settings values, take advantage of
Python’s module/class parsing, and so on all make settings more than just a
set of dictionary values. I think we would lose a bit of functionality i
