diff options
| author | Justin Bronn <jbronn@gmail.com> | 2008-01-02 16:57:53 +0000 |
|---|---|---|
| committer | Justin Bronn <jbronn@gmail.com> | 2008-01-02 16:57:53 +0000 |
| commit | 7e322b5908bf5ec255c90c615d1b45b358ecee5f (patch) | |
| tree | 3390dc70c5b4c4a8ff583308bd904eb749f97c04 /docs/middleware.txt | |
| parent | ef0f46f1d0b9e41c811d3d6b833f1652ad46aec3 (diff) | |
gis: Merged revisions 6920-6989 via svnmerge from trunk.
git-svn-id: http://code.djangoproject.com/svn/django/branches/gis@6990 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs/middleware.txt')
| -rw-r--r-- | docs/middleware.txt | 28 |
1 files changed, 20 insertions, 8 deletions
diff --git a/docs/middleware.txt b/docs/middleware.txt index 39019caf1e..a2853e2965 100644 --- a/docs/middleware.txt +++ b/docs/middleware.txt @@ -61,17 +61,18 @@ Adds a few conveniences for perfectionists: settings. If ``APPEND_SLASH`` is ``True`` and the initial URL doesn't end with a slash, - and it is not found in urlpatterns, a new URL is formed by appending a slash - at the end. If this new URL is found in urlpatterns, then an HTTP-redirect is - returned to this new URL; otherwise the initial URL is processed as usual. + and it is not found in the URLconf, then a new URL is formed by appending a + slash at the end. If this new URL is found in the URLconf, then Django + redirects the request to this new URL. Otherwise, the initial URL is + processed as usual. - So ``foo.com/bar`` will be redirected to ``foo.com/bar/`` if you do not - have a valid urlpattern for ``foo.com/bar``, and do have a valid urlpattern - for ``foo.com/bar/``. + For example, ``foo.com/bar`` will be redirected to ``foo.com/bar/`` if you + don't have a valid URL pattern for ``foo.com/bar`` but *do* have a valid + pattern for ``foo.com/bar/``. **New in Django development version:** The behavior of ``APPEND_SLASH`` has - changed slightly in the development version. It didn't used to check to see - whether the pattern was matched in the URLconf. + changed slightly in the development version. It didn't used to check whether + the pattern was matched in the URLconf. If ``PREPEND_WWW`` is ``True``, URLs that lack a leading "www." will be redirected to the same URL with a leading "www." @@ -153,6 +154,17 @@ every incoming ``HttpRequest`` object. See `Authentication in Web requests`_. .. _Authentication in Web requests: ../authentication/#authentication-in-web-requests +django.contrib.csrf.middleware.CsrfMiddleware +--------------------------------------------- + +**New in Django development version** + +Adds protection against Cross Site Request Forgeries by adding hidden form +fields to POST forms and checking requests for the correct value. See the +`Cross Site Request Forgery protection documentation`_. + +.. _`Cross Site Request Forgery protection documentation`: ../csrf/ + django.middleware.transaction.TransactionMiddleware --------------------------------------------------- |
