summaryrefslogtreecommitdiff
path: root/docs
diff options
context:
space:
mode:
authorLuke Plant <L.Plant.98@cantab.net>2009-10-27 21:52:25 +0000
committerLuke Plant <L.Plant.98@cantab.net>2009-10-27 21:52:25 +0000
commit9dc9770736ddf236be5ae08447bb323433fffd44 (patch)
tree2628019e681e1dbf0928b8b77ace8d9b92d7c26a /docs
parent905dba3694efa20de061d5350cd7de08ed0e5f46 (diff)
Documented the presence of {% csrf_token %} in Django 1.1.2 in trunk docs.
git-svn-id: http://code.djangoproject.com/svn/django/trunk@11675 bcc190cf-cafb-0310-a4f2-bffc1f526a37
Diffstat (limited to 'docs')
-rw-r--r--docs/ref/contrib/csrf.txt7
-rw-r--r--docs/ref/templates/builtins.txt7
2 files changed, 10 insertions, 4 deletions
diff --git a/docs/ref/contrib/csrf.txt b/docs/ref/contrib/csrf.txt
index 3ece422c66..fe3b60be57 100644
--- a/docs/ref/contrib/csrf.txt
+++ b/docs/ref/contrib/csrf.txt
@@ -188,9 +188,12 @@ applications in your project will meet its requirements by virtue of the
The next step is to update all your applications to use the template tag, as
described in `How to use it`_, steps 2-3. This can be done as soon as is
-practical. Any applications that are updated will now require Django 1.2 or
+practical. Any applications that are updated will now require Django 1.1.2 or
later, since they will use the CSRF template tag which was not available in
-earlier versions.
+earlier versions. (The template tag in 1.1.2 is actually a no-op that exists
+solely to ease the transition to 1.2 — it allows apps to be created that have
+CSRF protection under 1.2 without requiring users of the apps to upgrade to the
+Django 1.2.X series).
The utility script ``extras/csrf_migration_helper.py`` can help to automate the
finding of code and templates that may need to be upgraded. It contains full
diff --git a/docs/ref/templates/builtins.txt b/docs/ref/templates/builtins.txt
index 7084dc0a78..8266224c39 100644
--- a/docs/ref/templates/builtins.txt
+++ b/docs/ref/templates/builtins.txt
@@ -56,9 +56,12 @@ Ignore everything between ``{% comment %}`` and ``{% endcomment %}``
csrf_token
~~~~~~~~~~
-.. versionadded:: 1.2
+.. versionadded:: 1.1.2
-This is described in the documentation for :ref:`Cross Site Request Forgeries <ref-contrib-csrf>`.
+In the Django 1.1.X series, this is a no-op tag that returns an empty string for
+future compatibility purposes. In Django 1.2 and later, it is used for CSRF
+protection, as described in the documentation for :ref:`Cross Site Request
+Forgeries <ref-contrib-csrf>`.
cycle
~~~~~