#18484: csrfmiddlewaretoken enclosed in redundant invisible div ---------------------------------+------------------------------------ Reporter: hedleyroos@… | Owner: nobody Type: Uncategorized | Status: reopened Component: Forms | Version: 1.4 Severity: Release blocker | Resolution: Keywords: csrf | Triage Stage: Accepted Has patch: 0 | Needs documentation: 0 Needs tests: 0 | Patch needs improvement: 0 Easy pickings: 0 | UI/UX: 0 ---------------------------------+------------------------------------
Comment (by lukeplant): Composing the email brought me to a decision: we already ship HTML5 templates with Django in 1.4. We promised functional backwards compatibility with major browsers, but not necessarily validity for HTML4/XHTML. Our direction has been made clear. If people are really worried about HTML4/XHTML validity, which seems less likely these days, they can always implement their own {% csrf_token %} tag. So, let's remove the <div> altogether. -- Ticket URL: <https://code.djangoproject.com/ticket/18484#comment:11> Django <https://code.djangoproject.com/> The Web framework for perfectionists with deadlines. -- You received this message because you are subscribed to the Google Groups "Django updates" group. To post to this group, send email to django-updates@googlegroups.com. To unsubscribe from this group, send email to django-updates+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/groups/opt_out.