-
Shai Berger yazdı
Note that the cookie is not changed every request, just the token retrieved by the `get_token()` method (used also by the `{% csrf_token %}` tag). While at it, made token validation strict: Where, before, any length was accepted and non-ASCII chars were ignored, we now treat anything other than `[A-Za-z0-9]{64}` as invalid (except for 32-char tokens, which, for backwards-compatibility, are accepted and replaced by 64-char ones). Thanks Trac user patrys for reporting, github user adambrenecki for initial patch, Tim Graham for help, and Curtis Maloney, Collin Anderson, Florian Apolloner, Markus Holtermann & Jon Dufresne for reviews.5112e65e
| Adı |
Son kayıt (commit)
|
Son güncelleme |
|---|---|---|
| .tx | ||
| django | ||
| docs | ||
| extras | ||
| js_tests | ||
| scripts | ||
| tests | ||
| .editorconfig | ||
| .eslintignore | ||
| .eslintrc | ||
| .gitattributes | ||
| .gitignore | ||
| .hgignore | ||
| AUTHORS | ||
| CONTRIBUTING.rst | ||
| Gruntfile.js | ||
| INSTALL | ||
| LICENSE | ||
| LICENSE.python | ||
| MANIFEST.in | ||
| README.rst | ||
| package.json | ||
| setup.cfg | ||
| setup.py |