django.core.checks.security.csrf

module documentation

(source)

Undocumented

Function	`check_csrf_cookie_secure`	Undocumented
Function	`check_csrf_failure_view`	Undocumented
Function	`check_csrf_middleware`	Undocumented
Constant	`W003`	Undocumented
Constant	`W016`	Undocumented
Function	`_csrf_middleware`	Undocumented

@register(Tags.security, deploy=True)
def check_csrf_cookie_secure(app_configs, **kwargs): (source) ¶

Undocumented

@register(Tags.security)
def check_csrf_failure_view(app_configs, **kwargs): (source) ¶

Undocumented

@register(Tags.security, deploy=True)
def check_csrf_middleware(app_configs, **kwargs): (source) ¶

Undocumented

W003 = (source) ¶

Undocumented

Value

Warning('You don\'t appear to be using Django\'s built-in cross-site request for↵
gery protection via the middleware (\'django.middleware.csrf.CsrfViewMiddleware\↵
' is not in your MIDDLEWARE). Enabling the middleware is the safest approach to ↵
ensure you don\'t leave any holes.',
        id='security.W003')

W016 = (source) ¶

Undocumented

Value

Warning('You have \'django.middleware.csrf.CsrfViewMiddleware\' in your MIDDLEWA↵
RE, but you have not set CSRF_COOKIE_SECURE to True. Using a secure-only CSRF co↵
okie makes it more difficult for network traffic sniffers to steal the CSRF toke↵
n.',
        id='security.W016')

def _csrf_middleware(): (source) ¶

Undocumented