I use Django and in html I have
<input type="hidden" name="csrfmiddlewaretoken" value="...">
How to rename csrfmiddlewaretoken ? I don't want, that users can know, that site uses Django.
I have nothing found in Django settings , Is there any way to do this?
Thanks!
This is string is hardcoded in django/middleware/csrf.py :
# Check non-cookie token for match.
request_csrf_token = ""
if request.method == "POST":
request_csrf_token = request.POST.get('csrfmiddlewaretoken', '')
if request_csrf_token == "":
# Fall back to X-CSRFToken, to make things easier for AJAX,
# and possible for PUT/DELETE.
request_csrf_token = request.META.get('HTTP_X_CSRFTOKEN', '')
But there is exist one-way for you. You can add your on js-function which will add HTTP_X_CSRFTOKEN to your POST requests.
Find more details in the docs .
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.