Hi Alessandro Thank you for your reply. I checked it: SecureFormMixin is only available for TW1, you're right.
If I find some time, i'll check whether i can port it to TW2. Reagrds, Sandro Am Dienstag, 5. April 2016 23:16:20 UTC+2 schrieb Alessandro Molina: > > CSRF has not been a priority for admin so far, so no one ever provided a > patch for CSRF in admin. > Btw if I'm not wrong SecureFormMixin was from TW1 not TW2 > > On Tue, Apr 5, 2016 at 5:42 PM, Sandro Beffa <[email protected] > <javascript:>> wrote: > >> Hi Alessandro >> for not it's not used >> Thank you very much for this :-) >> An other thing, which I was looking for is the following: >> >> I noticed that the TG Admin is not using the SecureFormMixin ( to prevent >> CSRF ), which TW2 is providing. Is there a reason because of it's not used ? >> >> Best regards, Sandro >> >> >> Am Montag, 4. April 2016 01:00:46 UTC+2 schrieb Alessandro Molina: >>> >>> On Thu, Mar 31, 2016 at 1:45 PM, Sandro Beffa <[email protected]> wrote: >>>> >>>> >>>> So my question: Are there other libs to add CSRF protection to TG2 ? >>>> >>> >>> Hope this provides what you need: >>> https://pypi.python.org/pypi/tgext.utils/0.0.1 :D >>> >> -- >> You received this message because you are subscribed to the Google Groups >> "TurboGears" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To post to this group, send email to [email protected] >> <javascript:>. >> Visit this group at https://groups.google.com/group/turbogears. >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "TurboGears" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at https://groups.google.com/group/turbogears. For more options, visit https://groups.google.com/d/optout.
