Home > mailing lists

Re: [PATCH] Enable CsrfViewMiddleware -- make CSRF protection required by default - Mailing list pgsql-www

From	Marti Raudsepp
Subject	Re: [PATCH] Enable CsrfViewMiddleware -- make CSRF protection required by default
Date	November 7, 2012 22:36:21
Msg-id	CABRT9RDg=Zkq5ChxqZtBNEiqcdTnxKqL7yTGi5s+MMkzyFpEfQ@mail.gmail.com Whole thread Raw
In response to	Re: [PATCH] Enable CsrfViewMiddleware -- make CSRF protection required by default (Magnus Hagander <magnus@hagander.net>)
Responses	Re: [PATCH] Enable CsrfViewMiddleware -- make CSRF protection required by default
List	pgsql-www

Tree view

On Wed, Nov 7, 2012 at 9:11 PM, Magnus Hagander <magnus@hagander.net> wrote:
>> "It all worked on my computer" ;)
>
> Really? Because the purging form doesn't work on my local machine...
> Which does not go through varnish at any point, for example.

Well I meant that half-jokingly.

I don't have a complete development environment. When I navigate to
that page, I get "ERROR: schema "pgq" does not exist".

With that said, I can't see why these views/forms wouldn't work with
CSRF. They're not doing cross-domain requests or anything. I will need
to drill deeper.

Regards,
Marti

pgsql-www by date:

From: Magnus Hagander
Date: 07 November 2012, 22:32:00
Subject: Re: Search points to ancient manuals

From: Magnus Hagander
Date: 07 November 2012, 22:39:32
Subject: Re: [PATCH] Enable CsrfViewMiddleware -- make CSRF protection required by default

Re: [PATCH] Enable CsrfViewMiddleware -- make CSRF protection required by default - Mailing list pgsql-www

Previous

Next