summaryrefslogtreecommitdiff
path: root/docs/middleware.txt
diff options
context:
space:
mode:
authorJustin Bronn <jbronn@gmail.com>2008-01-02 16:57:53 +0000
committerJustin Bronn <jbronn@gmail.com>2008-01-02 16:57:53 +0000
commit7e322b5908bf5ec255c90c615d1b45b358ecee5f (patch)
tree3390dc70c5b4c4a8ff583308bd904eb749f97c04 /docs/middleware.txt
parentef0f46f1d0b9e41c811d3d6b833f1652ad46aec3 (diff)
gis: Merged revisions 6920-6989 via svnmerge from trunk.
git-svn-id: http://code.djangoproject.com/svn/django/branches/gis@6990 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs/middleware.txt')
-rw-r--r--docs/middleware.txt28
1 files changed, 20 insertions, 8 deletions
diff --git a/docs/middleware.txt b/docs/middleware.txt
index 39019caf1e..a2853e2965 100644
--- a/docs/middleware.txt
+++ b/docs/middleware.txt
@@ -61,17 +61,18 @@ Adds a few conveniences for perfectionists:
settings.
If ``APPEND_SLASH`` is ``True`` and the initial URL doesn't end with a slash,
- and it is not found in urlpatterns, a new URL is formed by appending a slash
- at the end. If this new URL is found in urlpatterns, then an HTTP-redirect is
- returned to this new URL; otherwise the initial URL is processed as usual.
+ and it is not found in the URLconf, then a new URL is formed by appending a
+ slash at the end. If this new URL is found in the URLconf, then Django
+ redirects the request to this new URL. Otherwise, the initial URL is
+ processed as usual.
- So ``foo.com/bar`` will be redirected to ``foo.com/bar/`` if you do not
- have a valid urlpattern for ``foo.com/bar``, and do have a valid urlpattern
- for ``foo.com/bar/``.
+ For example, ``foo.com/bar`` will be redirected to ``foo.com/bar/`` if you
+ don't have a valid URL pattern for ``foo.com/bar`` but *do* have a valid
+ pattern for ``foo.com/bar/``.
**New in Django development version:** The behavior of ``APPEND_SLASH`` has
- changed slightly in the development version. It didn't used to check to see
- whether the pattern was matched in the URLconf.
+ changed slightly in the development version. It didn't used to check whether
+ the pattern was matched in the URLconf.
If ``PREPEND_WWW`` is ``True``, URLs that lack a leading "www." will be
redirected to the same URL with a leading "www."
@@ -153,6 +154,17 @@ every incoming ``HttpRequest`` object. See `Authentication in Web requests`_.
.. _Authentication in Web requests: ../authentication/#authentication-in-web-requests
+django.contrib.csrf.middleware.CsrfMiddleware
+---------------------------------------------
+
+**New in Django development version**
+
+Adds protection against Cross Site Request Forgeries by adding hidden form
+fields to POST forms and checking requests for the correct value. See the
+`Cross Site Request Forgery protection documentation`_.
+
+.. _`Cross Site Request Forgery protection documentation`: ../csrf/
+
django.middleware.transaction.TransactionMiddleware
---------------------------------------------------