I think for the moment, the easy fix for anonymous forms it either to
put them on a different page or
to load them with ajax.
This way the forms and thus the tokens gets generated only when
needed.
If caching and performances are a big concern, I think those
alternative are win/win solutions.
On 21 oct. 2011, at 17:31, Berto Abreu wrote:
> I wanted to share an opportunity for a full time career in NYC.
The topic of this mailing list is the development of Django itself.
As such, even if you were advertising for a position related to Django, your
message wouldn't be appropriate.
--
Hello,
Maybe it's just me, but I find the i18n docs quite confusing, and I often
struggle to locate the information I need:
https://docs.djangoproject.com/en/1.3/topics/i18n/
For instance, I don't understand why:
- the index page immediately dives into gettext technicalities;
-
On Oct 21, 2011, at 8:04 AM, Kääriäinen Anssi wrote:
> I do not know nearly enough about caching to participate fully in this
> discussion. But it strikes me that the attempt to have CSRF protected
> anonymous page cached is not that smart. If you have an anonymous submittable
> form, why
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Hi Rich,
On 10/21/2011 10:21 AM, Rich Jones wrote:
> How would you guys feel about a manage.py startexample
>
> which would create an example application? A simple, templated hello
> world with an example model and an example view and an example
>
How would you guys feel about a manage.py startexample
which would create an example application? A simple, templated hello
world with an example model and an example view and an example
template?
R
On Oct 20, 4:50 pm, Aymeric Augustin
wrote:
> On 20 oct.
Hello all!
I wanted to share an opportunity for a full time career in NYC. Below
you will find the full job description. Let me know if you or anyone
that you may know of is interested. Thank you in advance!
Platform Engineer
OPERATIONAL POSITION DESCRIPTION
OVERVIEW OF ROLE
Primary
I do not know nearly enough about caching to participate fully in this
discussion. But it strikes me that the attempt to have CSRF protected anonymous
page cached is not that smart. If you have an anonymous submittable form, why
bother with CSRF protection? I mean, what is it protecting
On Oct 20, 2011, at 6:02 PM, Carl Meyer wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> Hi Jim,
>
> This is a really useful summary of the current state of things, thanks
> for putting it together.
>
> Re the anonymous/authenticated issue, CSRF token, and Google Analytics
>