English 中文(简体)
Django csrf Protection if form in javascript file
原标题:Django csrf protection if form in javascript file

请允许我说,我是用java文撰写的:

function form(csrf){
    document.write( <form action="" method="post"> +csrf);
    document.write(....);
    document.write( <button>Go</button></form> );
}

In template:

<script type="text/javascript">
    form({% csrf_token %});
</script>

这样做是否安全?

感谢!

最佳回答

标签只是产生一个隐蔽的领域,而且你将履行这一职能。

没有什么错误。

问题回答

暂无回答




相关问题
How to get two random records with Django

How do I get two distinct random records using Django? I ve seen questions about how to get one but I need to get two random records and they must differ.

Moving (very old) Zope/Plone Site to Django

I am ask to move data from a (now offline) site driven by Plone to a new Django site. These are the version informations I have: Zope Version (unreleased version, python 2.1.3 ) Python Version 2.1....

Can Django models use MySQL functions?

Is there a way to force Django models to pass a field to a MySQL function every time the model data is read or loaded? To clarify what I mean in SQL, I want the Django model to produce something like ...

Flexible pagination in Django

I d like to implement pagination such that I can allow the user to choose the number of records per page such as 10, 25, 50 etc. How should I go about this? Is there an app I can add onto my project ...

is it convenient to urlencode all next parameters? - django

While writing code, it is pretty common to request a page with an appended "next" query string argument. For instance, in the following template code next points back to the page the user is on: &...

Pragmatically adding give-aways/freebies to an online store

Our business currently has an online store and recently we ve been offering free specials to our customers. Right now, we simply display the special and give the buyer a notice stating we will add the ...

热门标签