mirror of
https://github.com/django/django.git
synced 2024-12-22 17:16:24 +00:00
8e70cef9b6
This is a large change to CSRF protection for Django. It includes: * removing the dependency on the session framework. * deprecating CsrfResponseMiddleware, and replacing with a core template tag. * turning on CSRF protection by default by adding CsrfViewMiddleware to the default value of MIDDLEWARE_CLASSES. * protecting all contrib apps (whatever is in settings.py) using a decorator. For existing users of the CSRF functionality, it should be a seamless update, but please note that it includes DEPRECATION of features in Django 1.1, and there are upgrade steps which are detailed in the docs. Many thanks to 'Glenn' and 'bthomas', who did a lot of the thinking and work on the patch, and to lots of other people including Simon Willison and Russell Keith-Magee who refined the ideas. Details of the rationale for these changes is found here: http://code.djangoproject.com/wiki/CsrfProtection As of this commit, the CSRF code is mainly in 'contrib'. The code will be moved to core in a separate commit, to make the changeset as readable as possible. git-svn-id: http://code.djangoproject.com/svn/django/trunk@11660 bcc190cf-cafb-0310-a4f2-bffc1f526a37 |
||
---|---|---|
django | ||
docs | ||
examples | ||
extras | ||
scripts | ||
tests | ||
AUTHORS | ||
INSTALL | ||
LICENSE | ||
MANIFEST.in | ||
README | ||
setup.cfg | ||
setup.py |
Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. All documentation is in the "docs" directory and online at http://docs.djangoproject.com/en/dev/. If you're just getting started, here's how we recommend you read the docs: * First, read docs/intro/install.txt for instructions on installing Django. * Next, work through the tutorials in order (docs/intro/tutorial01.txt, docs/intro/tutorial02.txt, etc.). * If you want to set up an actual deployment server, read docs/howto/deployment/modpython.txt for instructions on running Django under mod_python. * You'll probably want to read through the topical guides (in docs/topics) next; from there you can jump to the HOWTOs (in docs/howto) for specific problems, and check out the reference (docs/ref) for gory details. Docs are updated rigorously. If you find any problems in the docs, or think they should be clarified in any way, please take 30 seconds to fill out a ticket here: http://code.djangoproject.com/newticket To get more help: * Join the #django channel on irc.freenode.net. Lots of helpful people hang out there. Read the archives at http://oebfare.com/logger/django/. * Join the django-users mailing list, or read the archives, at http://groups.google.com/group/django-users. To contribute to Django: * Check out http://www.djangoproject.com/community/ for information about getting involved.