Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Remove not needed CSRF token #1582

Open
wants to merge 2 commits into
base: main
Choose a base branch
from

Conversation

bwbroersma
Copy link
Collaborator

For /change_language/ the result is only a Location redirect (no session/cookie state), therefore there is no need for a CRSF token.

For `/change_language/` the result is only a Location redirect (no session/cookie state), therefore there is no need for a CRSF token.
Fix internetstandards#1581.

Signed-off-by: Benjamin W. Broersma <[email protected]>
@bwbroersma bwbroersma force-pushed the gh1582-remove-not-needed-csrf-token branch 5 times, most recently from 01a1f64 to f736c91 Compare December 5, 2024 23:00
@bwbroersma bwbroersma force-pushed the gh1582-remove-not-needed-csrf-token branch from f736c91 to e220687 Compare December 9, 2024 21:47
@bwbroersma
Copy link
Collaborator Author

Note: do not remove "django.middleware.common.CommonMiddleware", which I over actively stripped, and somehow process_response does essential work in either fixing missing slashes, or setting a Content-Length.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Development

Successfully merging this pull request may close these issues.

csrfmiddlewaretoken send but not used
1 participant