ab26b65b2f
Fixed #25334 -- Provided a way to allow cross-origin unsafe requests over HTTPS.
...
Added the CSRF_TRUSTED_ORIGINS setting which contains a list of other
domains that are included during the CSRF Referer header verification
for secure (HTTPS) requests.
2015-09-05 09:19:57 -04:00
f9de197268
Recommended the JavaScript Cookie library instead of jQuery cookie.
...
jQuery cookie is no longer maintained in favor of the JavaScript
cookie library. This also removes the jQuery dependency.
2015-08-19 10:04:01 -04:00
08c980d752
Updated capitalization in the word "JavaScript" for consistency
2015-05-01 13:26:42 -04:00
668d53cd12
Fixed #21495 -- Added settings.CSRF_HEADER_NAME
2015-03-05 15:03:40 -05:00
9eb4f28e89
Deprecated TEMPLATE_CONTEXT_PROCESSORS.
2014-12-28 17:02:31 +01:00
92e8f1f302
Moved context_processors from django.core to django.template.
2014-12-28 17:00:07 +01:00
fa680ce1e2
Fixed #23825 -- Added links for decorating class-based views to the CSRF docs.
2014-11-15 19:33:39 +01:00
d3db878e4b
Moved CSRF docs out of contrib.
2014-11-03 07:47:39 -05:00
Joshua Kehn
Marc
Dave Hodder
Grzegorz Slusarek
Aymeric Augustin
Fabio Natali
Thomas Chaumeny