Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with
or
.
Download ZIP
Browse files

Fixed #16430 - Stronger wording for CSRF protection in `modifying upl…

…oad handlers on the fly`; thanks tomchristie.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@16588 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit e3c89346d217fca92b62a6d11df6b4b6d5be28a2 1 parent 0350d65
@timgraham timgraham authored
Showing with 6 additions and 6 deletions.
  1. +6 −6 docs/topics/http/file-uploads.txt
View
12 docs/topics/http/file-uploads.txt
@@ -278,13 +278,13 @@ list::
Also, ``request.POST`` is accessed by
:class:`~django.middleware.csrf.CsrfViewMiddleware` which is enabled by
- default. This means you will probably need to use
+ default. This means you will need to use
:func:`~django.views.decorators.csrf.csrf_exempt` on your view to allow you
- to change the upload handlers. Assuming you do need CSRF protection, you
- will then need to use :func:`~django.views.decorators.csrf.csrf_protect` on
- the function that actually processes the request. Note that this means that
- the handlers may start receiving the file upload before the CSRF checks have
- been done. Example code:
+ to change the upload handlers. You will then need to use
+ :func:`~django.views.decorators.csrf.csrf_protect` on the function that
+ actually processes the request. Note that this means that the handlers may
+ start receiving the file upload before the CSRF checks have been done.
+ Example code:
.. code-block:: python
Please sign in to comment.
Something went wrong with that request. Please try again.