Re: turn off csrf

2014-05-14 Thread hinnack
Am Mittwoch, 14. Mai 2014 14:39:27 UTC+2 schrieb hinnack:

> Am Dienstag, 13. Mai 2014 19:15:27 UTC+2 schrieb Tom Evans:
>
>> On Tue, May 13, 2014 at 4:36 PM, hinnack  wrote: 
>> > 
>> > Am Dienstag, 13. Mai 2014 16:48:57 UTC+2 schrieb Tom Evans: 
>> >> 
>> >> On Tue, May 13, 2014 at 2:49 PM, hinnack  
>> wrote: 
>> >> > Hi, 
>> >> > 
>> >> > how can I turn off csrf completely - even in the admin interface? 
>> >> > 
>> >> > My base problem is, that with IE11 (and only IE11) I can not save 
>> any 
>> >> > form 
>> >> > in the admin interface. I always get: 
>> >> > 
>> >> > CSRF verification failed. Request aborted 
>> >> 
>> >> That message comes from django.views.csrf.csrf_failure. This view is 
>> >> only called from the csrf middleware.. 
>> >> 
>> >> > 
>> >> > 
>> >> > I have no csrf middleware set. What else must be done? 
>> >> > 
>> >> 
>> >> ... which suggests this is not true - re-check that you have actually 
>> >> removed it, go to a django shell, type these commands: 
>> >> 
>> >>   from django.conf import settings 
>> >>   settings.MIDDLEWARE_CLASSES 
>> >> 
>> >> is CsrfViewMiddleware listed there? If it isn't, have you tried 
>> >> turning it off and then on again? 
>> >> 
>> >> Cheers 
>> >> 
>> >> Tom 
>> > 
>> > 
>> > Thanks Tom, 
>> > 
>> > but I definitely did that - here is the result: 
>> > ('django.middleware.common.CommonMiddleware', 
>> > 'django.contrib.sessions.middleware.SessionMiddleware', 
>> > 'schiwago.middleware.header.ResponseInjectHeader', 
>> > 'schiwago.middleware.auth.BasicAuthMiddleware', 
>> > 'django.contrib.messages.middleware.MessageMiddleware', 
>> > 'django.middleware.transaction.TransactionMiddleware') 
>> > 
>>
>> Well, look: 
>>
>> The message you report comes from the csrf failure view: 
>>
>>
>> https://github.com/django/django/blob/stable/1.6.x/django/views/csrf.py#L34 
>>
>> The csrf failure view is only invoked from one place, the csrf 
>> middleware: 
>>
>>
>> https://github.com/django/django/blob/stable/1.6.x/django/middleware/csrf.py#L94
>>  
>>
>>
>> > What do you mean by turn on/off again? Enable the CsrfViewMiddleware 
>> again? 
>>
>> Sorry, this was a bad joke from a UK TV show, "The IT Crowd", they 
>> first question they ask is "have you tried turning it off and then on 
>> again". 
>>
>> I was referring to the server itself - have you restarted the server 
>> since making the change. Making the change in the settings.py would 
>> have it reflected in a new django shell, but not in an already running 
>> webserver. 
>>
>> Cheers 
>>
>> Tom 
>>
>
> :-)
>
> I think, you can not deactivate csrf in the admin interface anymore…
> It is used somewhere as a decorator as make_middleware_decorator is called 
> for it…
>
> Is this the expected behavior? Or is there a setting I overlooked?
>
> regards,
> Hinnack
>

OK doing:
setattr(request, '_dont_enforce_csrf_checks', True)
in a middleware does the trick.

the question remains: Is this expected? Or should the absence of the crsf 
middleware do set this anyway? or should there be a setting anyway?

regards,
Hinnack 

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/2271592c-fcd7-4e03-90f9-1691dde3f347%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: turn off csrf

2014-05-14 Thread hinnack
Am Dienstag, 13. Mai 2014 19:15:27 UTC+2 schrieb Tom Evans:

> On Tue, May 13, 2014 at 4:36 PM, hinnack > 
> wrote: 
> > 
> > Am Dienstag, 13. Mai 2014 16:48:57 UTC+2 schrieb Tom Evans: 
> >> 
> >> On Tue, May 13, 2014 at 2:49 PM, hinnack  wrote: 
> >> > Hi, 
> >> > 
> >> > how can I turn off csrf completely - even in the admin interface? 
> >> > 
> >> > My base problem is, that with IE11 (and only IE11) I can not save any 
> >> > form 
> >> > in the admin interface. I always get: 
> >> > 
> >> > CSRF verification failed. Request aborted 
> >> 
> >> That message comes from django.views.csrf.csrf_failure. This view is 
> >> only called from the csrf middleware.. 
> >> 
> >> > 
> >> > 
> >> > I have no csrf middleware set. What else must be done? 
> >> > 
> >> 
> >> ... which suggests this is not true - re-check that you have actually 
> >> removed it, go to a django shell, type these commands: 
> >> 
> >>   from django.conf import settings 
> >>   settings.MIDDLEWARE_CLASSES 
> >> 
> >> is CsrfViewMiddleware listed there? If it isn't, have you tried 
> >> turning it off and then on again? 
> >> 
> >> Cheers 
> >> 
> >> Tom 
> > 
> > 
> > Thanks Tom, 
> > 
> > but I definitely did that - here is the result: 
> > ('django.middleware.common.CommonMiddleware', 
> > 'django.contrib.sessions.middleware.SessionMiddleware', 
> > 'schiwago.middleware.header.ResponseInjectHeader', 
> > 'schiwago.middleware.auth.BasicAuthMiddleware', 
> > 'django.contrib.messages.middleware.MessageMiddleware', 
> > 'django.middleware.transaction.TransactionMiddleware') 
> > 
>
> Well, look: 
>
> The message you report comes from the csrf failure view: 
>
> https://github.com/django/django/blob/stable/1.6.x/django/views/csrf.py#L34 
>
> The csrf failure view is only invoked from one place, the csrf middleware: 
>
>
> https://github.com/django/django/blob/stable/1.6.x/django/middleware/csrf.py#L94
>  
>
>
> > What do you mean by turn on/off again? Enable the CsrfViewMiddleware 
> again? 
>
> Sorry, this was a bad joke from a UK TV show, "The IT Crowd", they 
> first question they ask is "have you tried turning it off and then on 
> again". 
>
> I was referring to the server itself - have you restarted the server 
> since making the change. Making the change in the settings.py would 
> have it reflected in a new django shell, but not in an already running 
> webserver. 
>
> Cheers 
>
> Tom 
>

:-)

I think, you can not deactivate csrf in the admin interface anymore…
It is used somewhere as a decorator as make_middleware_decorator is called 
for it…

Is this the expected behavior? Or is there a setting I overlooked?

regards,
Hinnack

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/50910172-895b-44ce-8a01-0fa4235872fe%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: turn off csrf

2014-05-13 Thread Tom Evans
On Tue, May 13, 2014 at 4:36 PM, hinnack  wrote:
>
> Am Dienstag, 13. Mai 2014 16:48:57 UTC+2 schrieb Tom Evans:
>>
>> On Tue, May 13, 2014 at 2:49 PM, hinnack  wrote:
>> > Hi,
>> >
>> > how can I turn off csrf completely - even in the admin interface?
>> >
>> > My base problem is, that with IE11 (and only IE11) I can not save any
>> > form
>> > in the admin interface. I always get:
>> >
>> > CSRF verification failed. Request aborted
>>
>> That message comes from django.views.csrf.csrf_failure. This view is
>> only called from the csrf middleware..
>>
>> >
>> >
>> > I have no csrf middleware set. What else must be done?
>> >
>>
>> ... which suggests this is not true - re-check that you have actually
>> removed it, go to a django shell, type these commands:
>>
>>   from django.conf import settings
>>   settings.MIDDLEWARE_CLASSES
>>
>> is CsrfViewMiddleware listed there? If it isn't, have you tried
>> turning it off and then on again?
>>
>> Cheers
>>
>> Tom
>
>
> Thanks Tom,
>
> but I definitely did that - here is the result:
> ('django.middleware.common.CommonMiddleware',
> 'django.contrib.sessions.middleware.SessionMiddleware',
> 'schiwago.middleware.header.ResponseInjectHeader',
> 'schiwago.middleware.auth.BasicAuthMiddleware',
> 'django.contrib.messages.middleware.MessageMiddleware',
> 'django.middleware.transaction.TransactionMiddleware')
>

Well, look:

The message you report comes from the csrf failure view:

https://github.com/django/django/blob/stable/1.6.x/django/views/csrf.py#L34

The csrf failure view is only invoked from one place, the csrf middleware:

https://github.com/django/django/blob/stable/1.6.x/django/middleware/csrf.py#L94


> What do you mean by turn on/off again? Enable the CsrfViewMiddleware again?

Sorry, this was a bad joke from a UK TV show, "The IT Crowd", they
first question they ask is "have you tried turning it off and then on
again".

I was referring to the server itself - have you restarted the server
since making the change. Making the change in the settings.py would
have it reflected in a new django shell, but not in an already running
webserver.

Cheers

Tom

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAFHbX1KrvFJnOmodqYgibEuiqwkgLJG9iRkfi1pTVsK2E9kJsw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.


Re: turn off csrf

2014-05-13 Thread hinnack

Am Dienstag, 13. Mai 2014 16:48:57 UTC+2 schrieb Tom Evans:
>
> On Tue, May 13, 2014 at 2:49 PM, hinnack > 
> wrote: 
> > Hi, 
> > 
> > how can I turn off csrf completely - even in the admin interface? 
> > 
> > My base problem is, that with IE11 (and only IE11) I can not save any 
> form 
> > in the admin interface. I always get: 
> > 
> > CSRF verification failed. Request aborted 
>
> That message comes from django.views.csrf.csrf_failure. This view is 
> only called from the csrf middleware.. 
>
> > 
> > 
> > I have no csrf middleware set. What else must be done? 
> > 
>
> ... which suggests this is not true - re-check that you have actually 
> removed it, go to a django shell, type these commands: 
>
>   from django.conf import settings 
>   settings.MIDDLEWARE_CLASSES 
>
> is CsrfViewMiddleware listed there? If it isn't, have you tried 
> turning it off and then on again? 
>
> Cheers 
>
> Tom 
>

Thanks Tom,

but I definitely did that - here is the result:
('django.middleware.common.CommonMiddleware', 
'django.contrib.sessions.middleware.SessionMiddleware', 
'schiwago.middleware.header.ResponseInjectHeader', 
'schiwago.middleware.auth.BasicAuthMiddleware', 
'django.contrib.messages.middleware.MessageMiddleware', 
'django.middleware.transaction.TransactionMiddleware')

What do you mean by turn on/off again? Enable the CsrfViewMiddleware again? 
Why could that work? Will that manipulate the client or do any magic on the 
server (something in tables)?

regards
Hinnack 

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/43d938e4-e54e-45d3-bd6a-bb1a09a3c552%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: turn off csrf

2014-05-13 Thread Tom Evans
On Tue, May 13, 2014 at 2:49 PM, hinnack  wrote:
> Hi,
>
> how can I turn off csrf completely - even in the admin interface?
>
> My base problem is, that with IE11 (and only IE11) I can not save any form
> in the admin interface. I always get:
>
> CSRF verification failed. Request aborted

That message comes from django.views.csrf.csrf_failure. This view is
only called from the csrf middleware..

>
>
> I have no csrf middleware set. What else must be done?
>

... which suggests this is not true - re-check that you have actually
removed it, go to a django shell, type these commands:

  from django.conf import settings
  settings.MIDDLEWARE_CLASSES

is CsrfViewMiddleware listed there? If it isn't, have you tried
turning it off and then on again?

Cheers

Tom

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAFHbX1Ldq%2BSJnCQ389iC53w9nk1zodR02QL9%3DC8c%3DWeP%2Bhtszw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.


turn off csrf

2014-05-13 Thread hinnack
Hi,

how can I turn off csrf completely - even in the admin interface?

My base problem is, that with IE11 (and only IE11) I can not save any form 
in the admin interface. I always get:

CSRF verification failed. Request aborted

I have no csrf middleware set. What else must be done?

(using django 1.6)

regards

Hinnack

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/8b6ea52b-1d60-4613-995b-5a1e9912d910%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.


Re: how to turn off CSRF in django 1.2?

2010-08-27 Thread Alan
Thanks João, indeed, after reading the link, what I needed was to
*add* it. So now I have:

MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.middleware.doc.XViewMiddleware',
'django.contrib.csrf.middleware.CsrfMiddleware',
)

And everything seems to be working fine.

Alan

On 26 Aug, 17:50, João Rodrigues  wrote:
> what about 'django.contrib.csrf.middleware.CsrfMiddleware' 
> ?http://docs.djangoproject.com/en/1.0/ref/contrib/csrf/#how-to-use-it
>
> On 26 August 2010 16:33, Alan  wrote:
>
>
>
>
>
> > Ops, sorry, but I don't have this line
> > django.middleware.csrf.CsrfViewMiddleware, as I said, it's a project
> > done in 1.0.2. and I want it to run on my django 1.2 but without any
> > reference to Csrf, since the server where the portal is runs 1.0.2
> > yet.
>
> > On 26 Aug, 15:54, João Rodrigues  wrote:
> > > go to your settings.py and comment out
> > > django.middleware.csrf.CsrfViewMiddleware in your MIDDLEWARE_CLASSES
>
> > > On 26 August 2010 10:33, Alan  wrote:
>
> > > > Hi there,
>
> > > > I developed in a system that uses django 1.2, but the server is still
> > > > django 1.0.2.
>
> > > > Upgrading for a moment is not possible. Unless someone knows a nice
> > > > simple alternative, in order to keep my web portal compatible between
> > > > 1.0.2 and 1.2, I would like to switch off CSRF on my developing
> > > > computer.
>
> > > > How can I do this simply and easily?
>
> > > > Many thanks,
>
> > > > Alan
>
> > > > --
> > > > You received this message because you are subscribed to the Google 
> > > > Groups
> > > > "Django users" group.
> > > > To post to this group, send email to django-us...@googlegroups.com.
> > > > To unsubscribe from this group, send email to
> > > > django-users+unsubscr...@googlegroups.com > > >  groups.com>
> > > > .
> > > > For more options, visit this group at
> > > >http://groups.google.com/group/django-users?hl=en.
>
> > --
> > You received this message because you are subscribed to the Google Groups 
> > "Django users" group.
> > To post to this group, send email to django-us...@googlegroups.com.
> > To unsubscribe from this group, send email to 
> > django-users+unsubscr...@googlegroups.com.
> > For more options, visit this group 
> > athttp://groups.google.com/group/django-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.



Re: how to turn off CSRF in django 1.2?

2010-08-27 Thread Reinout van Rees

On 08/26/2010 05:33 PM, Alan wrote:

Ops, sorry, but I don't have this line
django.middleware.csrf.CsrfViewMiddleware, as I said, it's a project
done in 1.0.2. and I want it to run on my django 1.2 but without any
reference to Csrf, since the server where the portal is runs 1.0.2
yet.


You could also attempt it the other way around.

If I remember correctly, they added a "dummy" {% csrf %} tag to 1.1.x 
that doesn't really do anything.  So a form that works with 1.2 also 
works with 1.1 without throwing errors.


You could see if that's available/portable for 1.0, too.  Otherwise, a 
template tag that hacks this is quick to make yourself, I'd guess.



Reinout

--
Reinout van Rees - rein...@vanrees.org - http://reinout.vanrees.org
Collega's gezocht!
Django/python vacature in Utrecht: http://tinyurl.com/35v34f9

--
You received this message because you are subscribed to the Google Groups "Django 
users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.



Re: how to turn off CSRF in django 1.2?

2010-08-26 Thread João Rodrigues
what about 'django.contrib.csrf.middleware.CsrfMiddleware' ?
http://docs.djangoproject.com/en/1.0/ref/contrib/csrf/#how-to-use-it

On 26 August 2010 16:33, Alan  wrote:
>
> Ops, sorry, but I don't have this line
> django.middleware.csrf.CsrfViewMiddleware, as I said, it's a project
> done in 1.0.2. and I want it to run on my django 1.2 but without any
> reference to Csrf, since the server where the portal is runs 1.0.2
> yet.
>
> On 26 Aug, 15:54, João Rodrigues  wrote:
> > go to your settings.py and comment out
> > django.middleware.csrf.CsrfViewMiddleware in your MIDDLEWARE_CLASSES
> >
> > On 26 August 2010 10:33, Alan  wrote:
> >
> >
> >
> > > Hi there,
> >
> > > I developed in a system that uses django 1.2, but the server is still
> > > django 1.0.2.
> >
> > > Upgrading for a moment is not possible. Unless someone knows a nice
> > > simple alternative, in order to keep my web portal compatible between
> > > 1.0.2 and 1.2, I would like to switch off CSRF on my developing
> > > computer.
> >
> > > How can I do this simply and easily?
> >
> > > Many thanks,
> >
> > > Alan
> >
> > > --
> > > You received this message because you are subscribed to the Google Groups
> > > "Django users" group.
> > > To post to this group, send email to django-us...@googlegroups.com.
> > > To unsubscribe from this group, send email to
> > > django-users+unsubscr...@googlegroups.com > >  groups.com>
> > > .
> > > For more options, visit this group at
> > >http://groups.google.com/group/django-users?hl=en.
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Django users" group.
> To post to this group, send email to django-us...@googlegroups.com.
> To unsubscribe from this group, send email to 
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/django-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.



Re: how to turn off CSRF in django 1.2?

2010-08-26 Thread Alan
Ops, sorry, but I don't have this line
django.middleware.csrf.CsrfViewMiddleware, as I said, it's a project
done in 1.0.2. and I want it to run on my django 1.2 but without any
reference to Csrf, since the server where the portal is runs 1.0.2
yet.

On 26 Aug, 15:54, João Rodrigues  wrote:
> go to your settings.py and comment out
> django.middleware.csrf.CsrfViewMiddleware in your MIDDLEWARE_CLASSES
>
> On 26 August 2010 10:33, Alan  wrote:
>
>
>
> > Hi there,
>
> > I developed in a system that uses django 1.2, but the server is still
> > django 1.0.2.
>
> > Upgrading for a moment is not possible. Unless someone knows a nice
> > simple alternative, in order to keep my web portal compatible between
> > 1.0.2 and 1.2, I would like to switch off CSRF on my developing
> > computer.
>
> > How can I do this simply and easily?
>
> > Many thanks,
>
> > Alan
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Django users" group.
> > To post to this group, send email to django-us...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > django-users+unsubscr...@googlegroups.com > groups.com>
> > .
> > For more options, visit this group at
> >http://groups.google.com/group/django-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.



Re: how to turn off CSRF in django 1.2?

2010-08-26 Thread Alan
Thanks João, you got exactly what I need.


On 26 Aug, 15:54, João Rodrigues  wrote:
> go to your settings.py and comment out
> django.middleware.csrf.CsrfViewMiddleware in your MIDDLEWARE_CLASSES
>
> On 26 August 2010 10:33, Alan  wrote:
>
>
>
> > Hi there,
>
> > I developed in a system that uses django 1.2, but the server is still
> > django 1.0.2.
>
> > Upgrading for a moment is not possible. Unless someone knows a nice
> > simple alternative, in order to keep my web portal compatible between
> > 1.0.2 and 1.2, I would like to switch off CSRF on my developing
> > computer.
>
> > How can I do this simply and easily?
>
> > Many thanks,
>
> > Alan
>
> > --
> > You received this message because you are subscribed to the Google Groups
> > "Django users" group.
> > To post to this group, send email to django-us...@googlegroups.com.
> > To unsubscribe from this group, send email to
> > django-users+unsubscr...@googlegroups.com > groups.com>
> > .
> > For more options, visit this group at
> >http://groups.google.com/group/django-users?hl=en.

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.



Re: how to turn off CSRF in django 1.2?

2010-08-26 Thread João Rodrigues
go to your settings.py and comment out
django.middleware.csrf.CsrfViewMiddleware in your MIDDLEWARE_CLASSES

On 26 August 2010 10:33, Alan  wrote:

> Hi there,
>
> I developed in a system that uses django 1.2, but the server is still
> django 1.0.2.
>
> Upgrading for a moment is not possible. Unless someone knows a nice
> simple alternative, in order to keep my web portal compatible between
> 1.0.2 and 1.2, I would like to switch off CSRF on my developing
> computer.
>
> How can I do this simply and easily?
>
> Many thanks,
>
> Alan
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-us...@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com
> .
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.



Re: how to turn off CSRF in django 1.2?

2010-08-26 Thread Mathieu Leduc-Hamel
If I was you,

I would not install django directly on the system. It's not generally
a good practice.

The best thing you might do is to use of these two methods:

1. virtualenv 
(http://tumblr.intranation.com/post/766290325/python-virtualenv-quickstart-django)

2. buildout (http://jacobian.org/writing/django-apps-with-buildout/)

As you wish these two methods worked pretty well, on my side i like
buildout cause it's easier to maintain.

On Thu, Aug 26, 2010 at 1:07 PM, Sven Bröckling  wrote:
> Hi Alan,
>
>> I developed in a system that uses django 1.2, but the server is still
>> django 1.0.2.
>> Upgrading for a moment is not possible. Unless someone knows a nice
>> simple alternative, in order to keep my web portal compatible between
>> 1.0.2 and 1.2, I would like to switch off CSRF on my developing
>> computer.
>> How can I do this simply and easily?
> I have one project which has several issues with django 1.2, and so i
> use 1.1 for that, 1.2 for other projects.
>
> I have two versions of Django in my home dir, both svn checkouts. I need
> only one version at a time, so i wrote two quick and dirty shell aliases
> to switch the django version.
>
> [s...@troy sven] which django1.1
> django1.1: aliased to sudo rm -f
> /usr/lib/python2.6/dist-packages/django; sudo ln -s
> /home/sven/projects/programming/python/django/django-1.1/django
> /usr/lib/python2.6/dist-packages/
>
> [s...@troy sven] which django1.2
> django1.2: aliased to sudo rm -f
> /usr/lib/python2.6/dist-packages/django; sudo ln -s
> /home/sven/projects/programming/python/django/django-trunk/django
> /usr/lib/python2.6/dist-packages/
>
> Sven
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Django users" group.
> To post to this group, send email to django-us...@googlegroups.com.
> To unsubscribe from this group, send email to 
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/django-users?hl=en.
>
>



-- 
Mathieu Leduc-Hamel

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.



Re: how to turn off CSRF in django 1.2?

2010-08-26 Thread Sven Bröckling
Hi Alan,

> I developed in a system that uses django 1.2, but the server is still
> django 1.0.2.
> Upgrading for a moment is not possible. Unless someone knows a nice
> simple alternative, in order to keep my web portal compatible between
> 1.0.2 and 1.2, I would like to switch off CSRF on my developing
> computer.
> How can I do this simply and easily?
I have one project which has several issues with django 1.2, and so i
use 1.1 for that, 1.2 for other projects.

I have two versions of Django in my home dir, both svn checkouts. I need
only one version at a time, so i wrote two quick and dirty shell aliases
to switch the django version.

[s...@troy sven] which django1.1
django1.1: aliased to sudo rm -f
/usr/lib/python2.6/dist-packages/django; sudo ln -s
/home/sven/projects/programming/python/django/django-1.1/django
/usr/lib/python2.6/dist-packages/

[s...@troy sven] which django1.2
django1.2: aliased to sudo rm -f
/usr/lib/python2.6/dist-packages/django; sudo ln -s
/home/sven/projects/programming/python/django/django-trunk/django
/usr/lib/python2.6/dist-packages/

Sven

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.



how to turn off CSRF in django 1.2?

2010-08-26 Thread Alan
Hi there,

I developed in a system that uses django 1.2, but the server is still
django 1.0.2.

Upgrading for a moment is not possible. Unless someone knows a nice
simple alternative, in order to keep my web portal compatible between
1.0.2 and 1.2, I would like to switch off CSRF on my developing
computer.

How can I do this simply and easily?

Many thanks,

Alan

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.