Clarified wording about use of 2 decorators in CSRF docs
git-svn-id: http://code.djangoproject.com/svn/django/trunk@16198 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
bf7af2be15
commit
d3641d889b
|
@ -365,7 +365,8 @@ There may be some views that are unprotected and have been exempted by
|
||||||
``csrf_exempt``, but still need to include the CSRF token.
|
``csrf_exempt``, but still need to include the CSRF token.
|
||||||
|
|
||||||
Solution: use :func:`~django.views.decorators.csrf.csrf_exempt` followed by
|
Solution: use :func:`~django.views.decorators.csrf.csrf_exempt` followed by
|
||||||
:func:`~django.views.decorators.csrf.requires_csrf_token`.
|
:func:`~django.views.decorators.csrf.requires_csrf_token`. (i.e. ``requires_csrf_token``
|
||||||
|
should be the innermost decorator).
|
||||||
|
|
||||||
View needs protection for one path
|
View needs protection for one path
|
||||||
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
|
||||||
|
|
Loading…
Reference in New Issue