Home > mailing lists

Re: [PATCH] Enable CsrfViewMiddleware -- make CSRF protection required by default - Mailing list pgsql-www

From	Marti Raudsepp
Subject	Re: [PATCH] Enable CsrfViewMiddleware -- make CSRF protection required by default
Date	October 31, 2012 20:45:34
Msg-id	CABRT9RDPa2evS_FxcK-knTcXDaSwx0dFY2iZecunXoc26XQPSA@mail.gmail.com Whole thread Raw
In response to	Re: [PATCH] Enable CsrfViewMiddleware -- make CSRF protection required by default (Magnus Hagander <magnus@hagander.net>)
Responses	Re: [PATCH] Enable CsrfViewMiddleware -- make CSRF protection required by default
List	pgsql-www

Tree view

On Wed, Oct 31, 2012 at 7:29 PM, Magnus Hagander <magnus@hagander.net> wrote:
> The diff appears to be reversed. But that's easy enough to deal with during
> commit.

No, it's not reversed. I'm removing the explicit @csrf_protect
decorators because all views are now protected by default.

> Have you verified that it works with django 1.2 as well? The production
> deployment is on that quite old version still...

Yeah, I developed and tested this on Django 1.2

Regards,
Marti

pgsql-www by date:

From: Magnus Hagander
Date: 31 October 2012, 20:29:57
Subject: Re: [PATCH] Enable CsrfViewMiddleware -- make CSRF protection required by default

From: Josh Berkus
Date: 31 October 2012, 20:51:40
Subject: Re: Search points to ancient manuals

Re: [PATCH] Enable CsrfViewMiddleware -- make CSRF protection required by default - Mailing list pgsql-www

Previous

Next