Yours,
Russ Magee %-)
On Wed, Oct 24, 2012 at 8:16 AM, Russell Keith-Magee <russell@keith-magee.com> wrote:
Hi ÀlexDjango-developers is a mailing list for discussing the development of Django itself. If you have a general usage question, please direct it to django-users.Alternatively, if this was intended as a suggestion for something we should do to Django's CSRF middleware -- you'll need to explain why you think the change is necessary. We've got plenty of examples of sites in the wild using the CSRF middleware as it is currently implemented; if you think a change is needed, you'll need to describe the exact circumstances that have led to you requesting this change.Yours,Russ %-)On Tue, Oct 23, 2012 at 9:59 PM, Àlex Pérez <alex.perez@bebabum.com> wrote:
I have override the CsrfViewMiddleware middleware by:class CustomCsrfViewMiddleware(CsrfViewMiddleware):def process_response(self, request, response):if getattr(response, 'csrf_processing_done', False):return response# If CSRF_COOKIE is unset, then CsrfViewMiddleware.process_view was# never called, probaby because a request middleware returned a response# (for example, contrib.auth redirecting to a login page).if request.META.get("CSRF_COOKIE") is None:return responseif not request.META.get("CSRF_COOKIE_USED", False):return response# Set the CSRF cookie even if it's already set, so we renew# the expiry timer.response.set_cookie(settings.CSRF_COOKIE_NAME,request.META["CSRF_COOKIE"],max_age=60 * 60 * 24 * 7 * 52,domain=settings.CSRF_COOKIE_DOMAIN,path=request.META["PATH_INFO"],secure=settings.CSRF_COOKIE_SECURE)# Content varies with the CSRF cookie, so set the Vary header.patch_vary_headers(response, ('Cookie',))response.csrf_processing_done = Truereturn responsemy change is: path=request.META["PATH_INFO"],I don't know if could be any problem.Thanks--
Alex Perez
alex.perez@bebabum.com
bebabum be successful
c/ Còrsega 301-303, Àtic 2
08008 Barcelona
http://www.bebabum.com
http://www.facebook.com/bebabum
http://twitter.com/bebabum
This message is intended exclusively for its addressee and may contain
information that is confidential and protected by professional privilege.
If you are not the intended recipient you are hereby notified that any
dissemination, copy or disclosure of this communication is strictly prohibited by law.
Este mensaje se dirige exclusivamente a su destinatario y puede contener
información privilegiada o confidencial. Si no es vd. el destinatario indicado,
queda notificado que la utilización, divulgación y/o copia sin autorización
está prohibida en virtud de la legislación vigente.
Le informamos que los datos personales que facilite/ha facilitado pasarán a
formar parte de un fichero responsabilidad de bebabum, S.L. y que tiene
por finalidad gestionar las relaciones con usted.
Tiene derecho al acceso, rectificación cancelación y oposición en nuestra
oficina ubicada en c/ Còrsega 301-303, Àtic 2 de Barcelona o a la dirección de e-mail lopd@bebabum.com
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
No comments:
Post a Comment