88a5f17d25
Fixed #24389 -- Isolated the CSRF view from the TEMPLATES setting.
...
Thanks uranusjr for the report and analysis.
2015-02-22 15:46:35 +01:00
0ed7d15563
Sorted imports with isort; refs #23860 .
2015-02-06 08:16:28 -05:00
ffa548fb56
Updated link to CSRF docs
...
Refs #23866 .
2014-12-25 14:01:15 +01:00
234a2e0b6b
Fixed #23866 -- Harmonized refs to Django documentation from code
2014-12-25 13:53:13 +01:00
9b95fa7777
Fixed #21322 -- Error message when CSRF cookie is missing
...
Thanks to Henrik Levkowetz and olau for their reports and initial patches.
2013-11-03 20:05:10 +01:00
6107435386
Fixed #21324 -- Translate CSRF failure view
...
Thanks to Claude Paroz for the original patch.
2013-11-02 11:22:30 +01:00
deed192dda
Removed usage of mimetype kwarg of HttpResponse
...
Refs #16519 .
2012-06-30 21:19:07 +02:00
a3bb4df895
Improved CSRF error message.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@17570 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2012-02-21 23:54:02 +00:00
71a7466dd6
Fixed #16009 - typo in CSRF_FAILRE_TEMPLATE.
...
Thanks to adehnert for report and patch.
Though I flail to see what problem it was causing...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16216 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-05-12 03:03:16 +00:00
26cda43012
Switched to HTML5 doctype in all Django supplied templates.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16050 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2011-04-20 17:40:53 +00:00
a904e55859
Fixed #11509 -- Modified usage of "Web" to match our style guide in various documentation, comments and code. Thanks to timo and Simon Meers for the work on the patch.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@14069 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-10-09 08:12:50 +00:00
e8cff0b8f3
Added explanatory note on CSRF failure page for the case of a missing Referer header.
...
This is intended to help power users who have disabled Referer headers, or
installed add-ons which have done so, and to help web site administrators
with debugging, since this problem will be browser specific and not a
programming error.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13680 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-09-03 16:28:10 +00:00
6b2d6e1833
Fixed #13590 - Made CSRF failure page styling consistent with Django's default error page styling.
...
Thanks to alefteris for suggestion.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@13300 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2010-05-22 18:42:16 +00:00
53b2c3867b
Fixed #12130 - documented need for csrf_protect on views that don't accept POST
...
Includes:
* proper documentation for csrf_protect
* notes in comments app.
* specific upgrade notes for comments app
Thanks to carljm for report and debugging.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11711 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-11-03 14:40:37 +00:00
c5c7791e91
Improved HTML in CSRF debug template - <code> instead of <tt>
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11680 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-29 14:17:39 +00:00
5df19aa99e
Small improvement to CSRF failure template.
...
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11676 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 22:20:03 +00:00
7230a995ce
Moved contrib.csrf.* to core code.
...
There is stub code for backwards compatiblity with Django 1.1 imports.
The documentation has been updated, but has been left in
docs/contrib/csrf.txt for now, in order to avoid dead links to
documentation on the website.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11661 bcc190cf-cafb-0310-a4f2-bffc1f526a37
2009-10-27 00:36:34 +00:00
Aymeric Augustin
Tim Graham
Claude Paroz
Bouke Haarsma
Paul McMillan
Luke Plant
Russell Keith-Magee