I've spend a few hours in frustration, trying to disable the CSRF which Django now tries to force on me, to no avail. Had anyone else tried this with more success? I'm fine with anything that works, except for a source patch (but monkeypatches are okay).
Asked
Active
Viewed 1,496 times
2
-
I'm not familiar with Django, but am familiar with CSRF - out of curiosity, why do you want to disable CSRF protection? In general, preventing CSRF attacks is a *good* thing. – Nathan Nov 23 '09 at 20:41
-
Because i design intranet sites and because they are often accessed by non-humans over which i have no control. – Сыч Nov 23 '09 at 20:59
3 Answers
2
I haven't actually tried to disable it (never had the need), but I imagine it's just a matter of removing the CSRF middleware(s) from the MIDDLEWARE_CLASSES setting in your settings.py.
Epcylon
- 4,674
- 2
- 26
- 35
-
1
-
No, it just flat out ignores what's in MIDDLEWARE_CLASSES of my settings.py – Сыч Nov 24 '09 at 15:13
0
Try commenting out the csrf middleware and restarting the server. A lot of the time changes like that wont be loaded until afterward.
Josh Sandlin
- 714
- 8
- 21