Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Document CSRF protection (for plugins) #827

Closed
simonw opened this issue Jun 9, 2020 · 1 comment
Closed

Document CSRF protection (for plugins) #827

simonw opened this issue Jun 9, 2020 · 1 comment
Labels
documentation plugins
Milestone
Datasette 0.44

Comments

@simonw
Copy link
Owner

simonw commented Jun 9, 2020
edited
Loading

Plugin authors need to know that if they want to POST a form they should include this:

<input type="hidden" name="csrftoken" value="{{ csrftoken() }}">
@simonw simonw added this to the Datasette 0.44 milestone Jun 9, 2020
@simonw simonw closed this as completed in 56eb80a Jun 9, 2020
@simonw
Copy link
Owner Author

simonw commented Jun 9, 2020

https://datasette.readthedocs.io/en/latest/internals.html#csrf-protection

simonw added a commit that referenced this issue Jun 12, 2020
@simonw
Release Datasette 0.44
b906030 
Refs #395, #519, #576, #699, #706, #774, #777, #781, #784, #788, #790, #797,
#798, #800, #802, #804, #819, #822, #825, #826, #827, #828, #829, #830,
#833, #836, #837, #839

Closes #806.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
documentation plugins
Projects
None yet
Milestone
Datasette 0.44
Development

No branches or pull requests
1 participant
@simonw