Docs say: If you do not have any of the middleware in your MIDDLEWARE_CLASSES, you will have a working installation but without any CSRF protection for your views (just as you had before). It is strongly recommended to install CsrfViewMiddleware and CsrfResponseMiddleware, as described above.
So I thought I don't have to do anything. Can I disable it somehow? 2010/6/7 Kenneth Gonsalves <law...@au-kbc.org>: > On Monday 07 June 2010 17:53:46 Filip Gruszczyński wrote: >> I have just upgraded to 1.2 and when I run ./manage runserver and >> tried to open main page of our project first I was asked to login and >> when I hit enter I got: >> >> Forbidden (403) >> CSRF verification failed. Request aborted. >> >> I haven't turned CSRF protection when I was using 1.1.1, so my project >> should be ready to go, but it isn't. What I might be doing still >> wrong? >> > > it is on by default isn't it? > -- > Regards > Kenneth Gonsalves > Senior Associate > NRC-FOSS at AU-KBC > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To post to this group, send email to django-us...@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com. > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > > -- Filip Gruszczyński -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
