Hi do you hire contract based python/django freelancer?
We can help you in this and related tasks at fair prices. Reply or send
email to divy...@pythonmate.com
Best Regards,
Divyesh Khamele,
Pythonmate
On Thu, 1 Oct 2020, 6:31 pm Arthur Rio, <arthur.ri...@gmail.com> wrote:
> Hi,
>
> While working on turning on CSRF_USE_SESSIONS for a project, I noticed
> that the documentation recommends the following to retrieve the value:
>
> ```
> {% csrf_token %}
> <script>
> const csrftoken =
> document.querySelector('[name=csrfmiddlewaretoken]').value;
> </script>
> ```
>
> I am wondering why not doing the following instead?
>
> ```
> <script>
> const csrftoken = “{{ csrf_token }}";
> </script>
> ```
>
> Is there some other security benefits I’m not thinking of?
>
> Regards
>
> Arthur
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/CADOBPEHHoi8yY8cxyMa5jXjcz60MDFiOFW338g%2BAGwqBnEb84A%40mail.gmail.com
> <https://groups.google.com/d/msgid/django-users/CADOBPEHHoi8yY8cxyMa5jXjcz60MDFiOFW338g%2BAGwqBnEb84A%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/CAH9mneXSsVbUTuj%3D94mzTxf%3DzUj6pw8i8ga33rOcDk02Ty9H3Q%40mail.gmail.com.
