Fixed #12350 -- Fixed typo in tutorial04. Thanks, mortense

git-svn-id: http://code.djangoproject.com/svn/django/trunk@12173 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
Adrian Holovaty 2010-01-10 17:55:46 +00:00
parent 1f400c6df0
commit 985dcdb4b2
1 changed files with 6 additions and 6 deletions

View File

@ -47,12 +47,12 @@ A quick rundown:
* ``forloop.counter`` indicates how many times the :ttag:`for` tag has gone
through its loop
* Since we are creating a POST form (which can have the effect of modifying
data), we unfortunately need to worry about Cross Site Request Forgeries.
* Since we're creating a POST form (which can have the effect of modifying
data), we need to worry about Cross Site Request Forgeries.
Thankfully, you don't have to worry too hard, because Django comes with
very easy-to-use system for protecting against it. In short, all POST
forms that are targetted at internal URLs need the ``{% csrf_token %}``
template tag adding.
a very easy-to-use system for protecting against it. In short, all POST
forms that are targeted at internal URLs should use the ``{% csrf_token %}``
template tag.
The ``{% csrf_token %}`` tag requires information from the request object, which
is not normally accessible from within the template context. To fix this, a