mirror of https://github.com/django/django.git
Documented the presence of {% csrf_token %} in Django 1.1.2 in trunk docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11675 bcc190cf-cafb-0310-a4f2-bffc1f526a37
This commit is contained in:
parent
905dba3694
commit
9dc9770736
|
@ -188,9 +188,12 @@ applications in your project will meet its requirements by virtue of the
|
|||
|
||||
The next step is to update all your applications to use the template tag, as
|
||||
described in `How to use it`_, steps 2-3. This can be done as soon as is
|
||||
practical. Any applications that are updated will now require Django 1.2 or
|
||||
practical. Any applications that are updated will now require Django 1.1.2 or
|
||||
later, since they will use the CSRF template tag which was not available in
|
||||
earlier versions.
|
||||
earlier versions. (The template tag in 1.1.2 is actually a no-op that exists
|
||||
solely to ease the transition to 1.2 — it allows apps to be created that have
|
||||
CSRF protection under 1.2 without requiring users of the apps to upgrade to the
|
||||
Django 1.2.X series).
|
||||
|
||||
The utility script ``extras/csrf_migration_helper.py`` can help to automate the
|
||||
finding of code and templates that may need to be upgraded. It contains full
|
||||
|
|
|
@ -56,9 +56,12 @@ Ignore everything between ``{% comment %}`` and ``{% endcomment %}``
|
|||
csrf_token
|
||||
~~~~~~~~~~
|
||||
|
||||
.. versionadded:: 1.2
|
||||
.. versionadded:: 1.1.2
|
||||
|
||||
This is described in the documentation for :ref:`Cross Site Request Forgeries <ref-contrib-csrf>`.
|
||||
In the Django 1.1.X series, this is a no-op tag that returns an empty string for
|
||||
future compatibility purposes. In Django 1.2 and later, it is used for CSRF
|
||||
protection, as described in the documentation for :ref:`Cross Site Request
|
||||
Forgeries <ref-contrib-csrf>`.
|
||||
|
||||
cycle
|
||||
~~~~~
|
||||
|
|
Loading…
Reference in New Issue