diff options
| author | Adrian Holovaty <adrian@holovaty.com> | 2008-01-02 05:13:46 +0000 |
|---|---|---|
| committer | Adrian Holovaty <adrian@holovaty.com> | 2008-01-02 05:13:46 +0000 |
| commit | aa728422bc2b9fe81e89c421d2199ba01eacf8b1 (patch) | |
| tree | d6f32a881eb5d3ee62499d38dedc924caa89de99 | |
| parent | 8bb07998ca7bd607fb88f5ff5169d761e9bf0a2f (diff) | |
Fixed #6247 -- Added CsrfMiddleware to docs/middleware.txt. Thanks, Uninen
git-svn-id: http://code.djangoproject.com/svn/django/trunk@6984 bcc190cf-cafb-0310-a4f2-bffc1f526a37
| -rw-r--r-- | docs/middleware.txt | 11 |
1 files changed, 11 insertions, 0 deletions
diff --git a/docs/middleware.txt b/docs/middleware.txt index f2cf18dbdf..a2853e2965 100644 --- a/docs/middleware.txt +++ b/docs/middleware.txt @@ -154,6 +154,17 @@ every incoming ``HttpRequest`` object. See `Authentication in Web requests`_. .. _Authentication in Web requests: ../authentication/#authentication-in-web-requests +django.contrib.csrf.middleware.CsrfMiddleware +--------------------------------------------- + +**New in Django development version** + +Adds protection against Cross Site Request Forgeries by adding hidden form +fields to POST forms and checking requests for the correct value. See the +`Cross Site Request Forgery protection documentation`_. + +.. _`Cross Site Request Forgery protection documentation`: ../csrf/ + django.middleware.transaction.TransactionMiddleware --------------------------------------------------- |
