author: Luke Plant <L.Plant.98@cantab.net> 2016-01-21 15:54:13 +0000
committer: Tim Graham <timograham@gmail.com> 2016-01-21 13:59:15 -0500
commit: 77974a684a2e874bccd8bd9e0939ddcb367a8ed2 (patch)
tree: 81b4b886f71ae85de797be6864838da85f14bb54 /docs/ref
parent: 9a33d3d76497d9e198de942ee1236c452231262f (diff)
Changed `action="."` to `action=""` in tests and docs.
`action="."` strips query parameters from the URL, which is not usually what you want. Copy-paste coding of these examples could lead to difficult-to-track-down bugs or even data loss if the query parameter was meant to alter the scope of a form's POST request.
Diffstat (limited to 'docs/ref')
-rw-r--r-- docs/ref/csrf.txt | 2
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/ref/csrf.txt b/docs/ref/csrf.txt
index 6410b9eef0..cb49d28d29 100644
--- a/docs/ref/csrf.txt
+++ b/docs/ref/csrf.txt
@@ -40,7 +40,7 @@ To take advantage of CSRF protection in your views, follow these steps:
2. In any template that uses a POST form, use the :ttag:`csrf_token` tag inside
the ``<form>`` element if the form is for an internal URL, e.g.::
- <form action="." method="post">{% csrf_token %}
+ <form action="" method="post">{% csrf_token %}
This should not be done for POST forms that target external URLs, since
that would cause the CSRF token to be leaked, leading to a vulnerability.
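Review bot: the example now reads `<form action="" method="post">`, but the surrounding text in this hunk still says only "if the form is for an internal URL" and never explains why `action="."` was replaced, so readers who copied the old snippet have no cue that `"."` resolves to the current path without its query string while `""` submits to the document's own URL, query string included. Consider adding one sentence next to the example, e.g. "Use an empty ``action`` (or the explicit URL) rather than ``action="."``, which drops the query string", so the docs carry the reasoning from the commit message. The CSRF guidance that follows is unaffected, since an empty action still targets the same origin and the ``{% csrf_token %}`` placement remains correct.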