Hallöchen!
Carl Meyer writes:
> [...]
>
> Unless you've modified the CSRF implementation locally, all it
> does is check that the CSRF token provided in a cookie matches the
> one provided in the POST data. [...]
>
> But this means that the CSRF protection is simple to bypass in a
> case like you
Hi Torsten,
On 11/24/2014 01:00 PM, Torsten Bronger wrote:
> We use crawlers, which in our case a Python scripts that read data
> from disk and send a lot of HTTP POST requests to the Django
> deployment. The POST requests hit the same URLs/Views that are also
> used by the browser to edit someth
2 matches
Mail list logo
