Perfect, thank you
On 9/1/14, Collin Anderson wrote:
> If the url name is not guessable (for example, it includes a secure random
> string, like django's forgot password url), that should provide enough
> security.
>
> Though you can always pass in the csrf token using javascript:
> https://docs.
If the url name is not guessable (for example, it includes a secure random
string, like django's forgot password url), that should provide enough
security.
Though you can always pass in the csrf token using javascript:
https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ajax
--
You receive
I am completely new to AJAX and I was wondering. I have a a view that ajax
is posting to but in order for the request to be processed in the view
correctly i have to add csrf_exempt decorator to that view, but is that
safe? I named the url for that view with a name that would not be
guessable,
On Monday, March 7, 2011 3:32:51 PM UTC-8, Rami wrote:
>
> Thanks Andy!
>
> 1- you were correct about the form submitting the get method.
>
> 2- As you mentioned, the when I change the if statement to
> "request.GET.has_key('ajax')", it gets executed. the "?ajax" apparently
> causes the statemen
4 matches
Mail list logo
