Module middleware
source code
Cross Site Request Forgery Middleware.
This module provides a middleware that implements protection against
request forgeries from other sites.
|
|
CsrfMiddleware
Django middleware that adds protection against Cross Site Request
Forgeries by adding hidden form fields to POST forms and checking
requests for the correct value.
|
|
|
_ERROR_MSG = mark_safe('<html xmlns="http://www.w3.org/1999/xh...
|
|
|
_POST_FORM_RE = re.compile(r'(<form\W[^>]*\bmethod=(\'|"|)POST...
|
|
|
_HTML_TYPES = 'text/html', 'application/xhtml+xml'
|
Imports:
settings,
HttpResponseForbidden,
mark_safe,
md5,
re,
itertools
_ERROR_MSG
- Value:
mark_safe('<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en"><b
ody><h1>403 Forbidden</h1><p>Cross Site Request Forgery detected. Requ
est aborted.</p></body></html>')
|
|
_POST_FORM_RE
- Value:
re.compile(r'(<form\W[^>]*\bmethod=(\'|"|)POST(\'|"|)\b[^>]*>)', re.IG
NORECASE)
|
|