Re: An idea to eliminate {% csrf token %}

On Friday 01 January 2010 16:45:19 Wim Feijen wrote: > I am not talking about SafeForm. I am sorry I wasn't clear before, > but in fact, what I want to propose is to include the lines: > name='csrfmiddlewaretoken' value='1234567890abcdef etc' /> > by default when rendering a form with {{ form

Re: An idea to eliminate {% csrf token %}

Hi Luke, Thanks for your quick response. I've read the discussions about CSRF and SafeForm, in fact I already did before posting my message. Because of your excellente wiki the threads were easy to find. I am not talking about SafeForm. I am sorry I wasn't clear before, but in fact, what I want

Re: An idea to eliminate {% csrf token %}

Hi Wim, Your suggestion sounds something like Simon's SafeForm. While some elements of that proposal may end up in Django, it turns out that implementing SafeForm as the default solution requires *bigger* changes to existing code than adding the csrf_token, because you would need to pass

Re: An idea to eliminate {% csrf token %}

This was an excellent and well-put argument. As a newcomer to Django-developers, I was a bit confused by the {% csrf token %} inclusion (that breaks my code). Now, if I can just find some working code to use as a model ... -wolf On Dec 30, 2009 5:23 PM, "Wim Feijen" wrote: