On Friday 01 January 2010 16:45:19 Wim Feijen wrote:
> I am not talking about SafeForm. I am sorry I wasn't clear before,
> but in fact, what I want to propose is to include the lines:
> name='csrfmiddlewaretoken' value='1234567890abcdef etc' />
> by default when rendering a form with {{ form
Hi Luke,
Thanks for your quick response.
I've read the discussions about CSRF and SafeForm, in fact I already
did before posting my message. Because of your excellente wiki the
threads were easy to find.
I am not talking about SafeForm. I am sorry I wasn't clear before, but
in fact, what I want
Hi Wim,
Your suggestion sounds something like Simon's SafeForm. While some
elements of that proposal may end up in Django, it turns out that
implementing SafeForm as the default solution requires *bigger*
changes to existing code than adding the csrf_token, because you would
need to pass
This was an excellent and well-put argument. As a newcomer to
Django-developers, I was a bit confused by the {% csrf token %} inclusion
(that breaks my code).
Now, if I can just find some working code to use as a model ...
-wolf
On Dec 30, 2009 5:23 PM, "Wim Feijen" wrote: