On Friday, October 3, 2014 6:26:43 AM UTC-7, Sabine Maennel wrote:
>
> Please help: I am confused whether it is okay that it is showing in the
> url like this:
>
>
>
> http://netteachers.de/bewerbung/formular?csrfmiddlewaretoken=2jKsplZsQx5XpBfltUaDmgJjhRiCllxQ
>
>
> This happens when I enter my f
Thank you Collin and Thundebabzy,
you identified the problem I think. When I call the form for the first
time it is called the wrong way. I will fix this!
Am Freitag, 3. Oktober 2014 16:57:23 UTC+2 schrieb Collin Anderson:
>
> However you would have that behavior when you are submitting a form
>
> However you would have that behavior when you are submitting a form with a
> GET. You should use POST to submit your form instead of GET.
>
Yes, use:
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and st
I don't think its risky to have csrf token in the url since its in open
view in the page's source anyway (I'm not a security expert so that with a
very large bag of salt). However you would have that behavior when you are
submitting a form with a GET. You should use POST to submit your form
instead
Please help: I am confused whether it is okay that it is showing in the url
like this:
http://netteachers.de/bewerbung/formular?csrfmiddlewaretoken=2jKsplZsQx5XpBfltUaDmgJjhRiCllxQ
This happens when I enter my form ( a CreateView Model Form)? Is that oky
or a security risk of any kind?
--
Y
5 matches
Mail list logo
