[英]Rename csrfmiddlewaretoken
I use Django and in html I have 我使用Django并在html中
<input type="hidden" name="csrfmiddlewaretoken" value="...">
How to rename csrfmiddlewaretoken ? 如何重命名csrfmiddlewaretoken ? I don't want, that users can know, that site uses Django. 我不想,用户可以知道,该网站使用Django。
I have nothing found in Django settings , Is there any way to do this? 我在Django 设置中找不到任何内容,有没有办法做到这一点?
Thanks! 谢谢!
This is string is hardcoded in django/middleware/csrf.py : 这是字符串在django / middleware / csrf.py中硬编码:
# Check non-cookie token for match.
request_csrf_token = ""
if request.method == "POST":
request_csrf_token = request.POST.get('csrfmiddlewaretoken', '')
if request_csrf_token == "":
# Fall back to X-CSRFToken, to make things easier for AJAX,
# and possible for PUT/DELETE.
request_csrf_token = request.META.get('HTTP_X_CSRFTOKEN', '')
But there is exist one-way for you. 但是你有单向存在的方式。 You can add your on js-function which will add HTTP_X_CSRFTOKEN to your POST requests. 您可以添加on js-function,它将HTTP_X_CSRFTOKEN添加到您的POST请求中。
Find more details in the docs . 在文档中查找更多详细信息。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.