… and, I've just noticed that you cross posted this to django-users *and*
django-developers, which is also a no-no. Please choose the single
appropriate mailing list and post your message once. In this case it sounds
like django-users was the right place.
Yours,
Russ Magee %-)
On Wed, Oct 24, 2012 at 8:16 AM, Russell Keith-Magee <
russ...@keith-magee.com> wrote:
> Hi Àlex
>
> Django-developers is a mailing list for discussing the development of
> Django itself. If you have a general usage question, please direct it to
> django-users.
>
> Alternatively, if this was intended as a suggestion for something we
> should do to Django's CSRF middleware -- you'll need to explain why you
> think the change is necessary. We've got plenty of examples of sites in the
> wild using the CSRF middleware as it is currently implemented; if you think
> a change is needed, you'll need to describe the exact circumstances that
> have led to you requesting this change.
>
> Yours,
> Russ %-)
>
> On Tue, Oct 23, 2012 at 9:59 PM, Àlex Pérez <alex.pe...@bebabum.com>wrote:
>
>>
>> I have override the CsrfViewMiddleware middleware by:
>>
>> class CustomCsrfViewMiddleware(CsrfViewMiddleware):
>>
>> def process_response(self, request, response):
>> if getattr(response, 'csrf_processing_done', False):
>> return response
>>
>> # If CSRF_COOKIE is unset, then CsrfViewMiddleware.process_view
>> was
>> # never called, probaby because a request middleware returned a
>> response
>> # (for example, contrib.auth redirecting to a login page).
>> if request.META.get("CSRF_COOKIE") is None:
>> return response
>>
>> if not request.META.get("CSRF_COOKIE_USED", False):
>> return response
>>
>> # Set the CSRF cookie even if it's already set, so we renew
>> # the expiry timer.
>> response.set_cookie(settings.CSRF_COOKIE_NAME,
>> request.META["CSRF_COOKIE"],
>> max_age=60 * 60 * 24 * 7 * 52,
>> domain=settings.CSRF_COOKIE_DOMAIN,
>> path=request.META["PATH_INFO"],
>> secure=settings.CSRF_COOKIE_SECURE
>> )
>> # Content varies with the CSRF cookie, so set the Vary header.
>> patch_vary_headers(response, ('Cookie',))
>> response.csrf_processing_done = True
>> return response
>>
>>
>> my change is: path=request.META["PATH_INFO"],
>>
>> I don't know if could be any problem.
>>
>> Thanks
>>
>>
>> --
>> Alex Perez
>> alex.pe...@bebabum.com
>>
>> *bebabum* be successful
>>
>> c/ Còrsega 301-303, Àtic 2
>> 08008 Barcelona
>> http://www.bebabum.com
>> http://www.facebook.com/bebabum
>> http://twitter.com/bebabum
>>
>> This message is intended exclusively for its addressee and may contain
>> information that is confidential and protected by professional privilege.
>> If you are not the intended recipient you are hereby notified that any
>> dissemination, copy or disclosure of this communication is strictly
>> prohibited by law.
>>
>> Este mensaje se dirige exclusivamente a su destinatario y puede contener
>> información privilegiada o confidencial. Si no es vd. el destinatario
>> indicado,
>> queda notificado que la utilización, divulgación y/o copia sin
>> autorización
>> está prohibida en virtud de la legislación vigente.
>>
>> Le informamos que los datos personales que facilite/ha facilitado pasarán
>> a
>> formar parte de un fichero responsabilidad de bebabum, S.L. y que tiene
>> por finalidad gestionar las relaciones con usted.
>> Tiene derecho al acceso, rectificación cancelación y oposición en nuestra
>> oficina ubicada en c/ Còrsega 301-303, Àtic 2 de Barcelona o a la
>> dirección de e-mail l...@bebabum.com
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To post to this group, send email to django-users@googlegroups.com.
>> To unsubscribe from this group, send email to
>> django-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/django-users?hl=en.
>>
>
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
