On Mar 18, 1:25 pm, Luke Plant <l.plant...@cantab.net> wrote: > > Yep, agreed. I plan to replace the content re-writing stuff with a > template tag which hopefully won't be too nasty. It's just I haven't > had time yet, and I'd rather fix the security hole now, and improve > the implementation later. The exception mechanisms we've got in place > mean that it's not too painful to migrate: >
There is a patch to add the template tag on http://code.djangoproject.com/ticket/9977 There are still docs and tests to be added (though I wasn't able to find the existing tests for CSRF), but I think your initial concerns about the patch have been addressed. -bob --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/django-developers?hl=en -~----------~----~----~----~------~----~------~--~---