Can you explain what is the security issue?
On Jan 3, 10:58 pm, Sam Lai <[EMAIL PROTECTED]> wrote: > Security maybe? > > Not sure, but if you add django.core.context_processors.request to > your TEMPLATE_CONTEXT_PROCESSORS list in settings.py, you won't have > to explicitly add the request object in every view. You still have to > pass a RequestContext object to the render_to_response method, but you > should be doing that anyway if you plan on using any context > processors (which are useful for other things like users), because > otherwise, none of the context processors get added. > > It would be easier if a RequestContext object gets passed by the > render_to_response method automatically, but that isn't to hard to > change by creating a new method. > > Sam > > On Jan 4, 1:40 am, "venkata subramanian" > > <[EMAIL PROTECTED]> wrote: > > Hi, > > I had a problem recently. > > To access the request object in all of my templates. > > The solution I got surprised me. It involved explicitly passing on > > the request object from the views. > > (Example, to pass a RequestContext object as a context_instance > > parameter in render_to_response method). > > > It surprised me because since request object is available to every > > view, why should the request > > object not be accessible in all templates by default? > > > I am just eager to understand this design decision. > > > Thanks. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/django-users?hl=en -~----------~----~----~----~------~----~------~--~---
