Add a SafeForm / SecureForm to django.contrib.csrf
|Reported by:||mrts||Owned by:||nobody|
|Cc:||Triage Stage:||Design decision needed|
|Has patch:||yes||Needs documentation:||yes|
|Needs tests:||no||Patch needs improvement:||no|
According to the discussion http://groups.google.com/group/django-developers/browse_thread/thread/832caf3d404af1eb/c4063b6303bce2f7 there seems to be a consensus that a secure form that embeds the security token into form data automatically as CsrfMiddleware does is should be added to Django.
... adding a SecureForm to django.contrib.csrf, and perhaps even de-emphasizing the middleware (which is a bit scary, frankly) in favor of the more explicit form.
I'm opening the ticket so that this will get the needed attention eventually.
Change History (12)
comment:1 Changed 6 years ago by Simon Greenhill
- Needs documentation unset
- Needs tests unset
- Patch needs improvement unset
- Triage Stage changed from Unreviewed to Accepted
Changed 5 years ago by ElliottM
comment:4 Changed 5 years ago by ElliottM
- Triage Stage changed from Accepted to Design decision needed