this week.
OK, splendid! :-) I guess I was fooled by the polished look of that incomplete
page.
Thanks for all your work on South --- you've saved me a lot of time and
tears over the years!
/ Kent Engström, Lysator
--
You received this message because you are subscribed to the Google Groups
&
to point X, run
a script, continue to migrate?
Should this be mentioned somewhere in the docs?
Sorry if I'm confused about this,
/ Kent Engström, Lysator
--
You received this message because you are subscribed to the Google Groups
"Django developers" group.
To unsubscribe from
using SSL, and so the protection is mostly free.
Of course. The sites I'm thinking of are HTTPS only.
I had forgot about the Referer header check. It seems that it
would stop the subdomain-to-subdomain CSRF attacks as long as
the site is only using HTTPS, wouldn't it?
Thanks for your work on this,
/ Kent
't happened yet. We can
> do better than we do now, but not without somewhat changing the
> properties of the system.
If you would like help with testing etc for this, I hope I can offer
some time.
BTW, should I submit a ticket about this to the Django ticket database
or is there a more general
ove the second instance of the nonce (that
will be compared to the form field) from a cookie to a session variable
(at least when a session is available)? Would that result in other
problems instead?
/ Kent Engström
--
You received this message because you are subscribed to the Google Groups
"Django