Archives week 49 of 2013

Dec. 9, 2013 - Dec. 15, 2013

Django CSRF explicitly doesn't trust HTTP when submitting to HTTPS

I managed to introduce a wonderful little bug in the Django blog site here. I wanted all contributors (those making comments and myself) to use HTTPS, but I didn't want to rewrite the templates for the Zinnia blog entries, so I just naively redirected the comments form to the HTTPS site. CSRF protection in Django explicitly does ...

Continue reading

Daily archives

Previous week

Week 48 of 2013

Next week

Week 3 of 2014