I have various views which break on the additional csrfmiddlewaretoken
in request.POST when using the recommendet CSRF protection with
CsrfViewMiddleware and {% csrf_token %}.Why don't we just remove the csrfmiddlewaretoken before the request hits the views? patch on middleware/csrf.py 1.2.1 final: 11a12 > from django import http 162a164,167 > > tmp_post = request.POST.copy() > del tmp_post['csrfmiddlewaretoken'] > request.POST = http.QueryDict(tmp_post.urlencode()) My code seems to work and the CSRF protection is now completely transparent to the views. Only the templates and the MIDDLEWARE_CLASSES needs to know about it. Regards, Dirk -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
