ajout d'une protection Cross Site Request Forgery

7a42dfd9 · christophe siraut · 5d432a26 · 7a42dfd9 · 7a42dfd9
Commit 7a42dfd9 authored Jun 13, 2010 by christophe siraut
--- a/templates/registration/login.html
+++ b/templates/registration/login.html
@@ -15,7 +15,7 @@

    <ul>
      <li>Provide username and password:
-        <form action="" method="post">
+        <form action="" method="post">{% csrf_token %}
              <label for="username"></label>
              <input type="text" name="username" value="" id="username">
              <label for="password"></label>

--- a/urls.py
+++ b/urls.py
@@ -42,6 +42,7 @@ urlpatterns = patterns('',
    (r'^user/login/$',  login),
    (r'^user/logout/$', logout, {'template_name': 'index.html'}),
    (r'^user/register', 'nuage.sondage.userviews.register'),
+    (r'^user/success$', 'django.views.generic.simple.direct_to_template', {'template': 'registration/success.html'}),

 )