CSRF protection for Django forms
CSRF protection for Django implemented at the form level - no middleware required.
There are two steps to protecting a django.forms form:
- Wrap it with the SafeForm class decorator. This adds a hidden csrf_token field to
it along with validation logic for checking if that token has the correct value.
It also changes the signature of the form class slightly, see example below.
- Apply the @csrf_protect middleware to the view containing the form. This ensures
that a _csrf_cookie is correctly set.
Run "./manage.py runserver" in the examples folder to start a Django server demonstrating
the functionality of the library. Use "./manage.py test" in the same directory to run the unit tests.
Author:
--------
Simon Willison
- Sources inherited from project devel:languages:python:misc
-
1
derived packages
- Download package
-
Checkout Package
osc -A https://api.opensuse.org checkout home:smarty12:Python/python-django-safeform && cd $_
- Create Badge
Source Files
Filename | Size | Changed |
---|---|---|
django-safeform-2.0.0.tar.gz | 0000012471 12.2 KB | |
python-django-safeform.changes | 0000000310 310 Bytes | |
python-django-safeform.spec | 0000001517 1.48 KB |
Latest Revision
Non-integrated tw package cleanup, batched
Comments 0