Actually, if you don't enable CsrfViewMiddleware, the decorator does not raise 403, it prints 'WARNING django.request Forbidden (CSRF token missing or incorrect.)' but always accepts the request (as it should). This is because the decorator overwrites _reject(): ...
开发者ID:alexgula,项目名称:django_sites,代码行数:30,代码来源:urls.py 示例14: patterns ▲点赞 1▼ fromdjango.conf.urlsimportpatterns, include, urlfromviewsimportMainViewfromdjango.views.decorators.csrfimportensure_csrf_cookieurlpatterns = patterns('', url(r'.*',ensure_csrf_cookie(MainView.as_...