Settings for different environments

2013-02-17 Thread Zach Borboa
Yet another approach to using local development settings versus production settings. Here's something I've been using that I wanted to share. Thanks https://github.com/django-settings/django-settings -- You received this message because you are subscribed to the Google Groups "Django users" gr

Re: CSRF verification failed when I use smart phone

2015-01-28 Thread Zach Borboa
For anyone trying to debug this issue, you may want to print out the variable using {{ csrf_token }} as well as using {% csrf_token %} on the form to verify the token is correct. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe f

Re: CSRF verification failed when I use smart phone

2015-01-30 Thread Zach Borboa
submitted value needs to match the value in the cookie named csrftoken. On Friday, January 30, 2015 at 1:59:45 PM UTC-8, Pouria M wrote: > > Thanks Zach. > What are your thoughts after this test? if they match or if they don't > match > > On Wednesday, January 28, 2015 at

Re: CSRF verification failed when I use smart phone

2015-01-30 Thread Zach Borboa
Here's an example of the csrf cookie value obtained by typing document.cookie in the javascript console. -- You received this message because you are s

Re: Rotate the CSRF token on every request

2014-11-01 Thread Zach Borboa
Rotating the CSRF token on every request is probably not a great idea. Tokens will become invalidated when multiple tabs are open. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it,

Re: CSRF verification failed when I use smart phone

2015-01-08 Thread Zach Borboa
Mobile device could also be caching an incorrect csrf token. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post t

Re: Spammed with 'Invalid HTTP_HOST header' messages

2013-12-06 Thread Zach Borboa
SuspiciousOperation should now return a 400 error [1]. You could also use something like Sentry [2] or filter these messages. [1] https://code.djangoproject.com/ticket/19866 [2] https://github.com/getsentry/sentry [3] http://stackoverflow.com/a/19534738 On Thursday, December 5, 2013 11:21:33 AM

Re: Spammed with 'Invalid HTTP_HOST header' messages

2013-12-06 Thread Zach Borboa
Can you not add a filter to your logger handler? http://stackoverflow.com/a/19534738 On Friday, December 6, 2013 8:28:37 AM UTC-8, Jon Dufresne wrote: > > On Fri, Dec 6, 2013 at 7:47 AM, Zach Borboa > > wrote: > > SuspiciousOperation should now return a 400 error [1]. &