class CsrfViewMiddleware(MiddlewareMixin): (source)
Known subclasses: django.views.decorators.csrf._EnsureCsrfCookie
, django.views.decorators.csrf._EnsureCsrfToken
Require a present and correct csrfmiddlewaretoken for POST requests that have a CSRF cookie, and set an outgoing CSRF cookie. This middleware should be used in conjunction with the {% csrf_token %} template tag.
Method | process |
Undocumented |
Method | process |
Undocumented |
Method | process |
Undocumented |
Property | allowed |
A mapping of allowed schemes to list of allowed netlocs, where all subdomains of the netloc are allowed. |
Property | allowed |
Undocumented |
Property | csrf |
Undocumented |
Method | _accept |
Undocumented |
Method | _bad |
Undocumented |
Method | _check |
Undocumented |
Method | _check |
Undocumented |
Method | _get |
Return the CSRF secret originally associated with the request, or None if it didn't have one. |
Method | _origin |
Undocumented |
Method | _reject |
Undocumented |
Method | _set |
Undocumented |
Inherited from MiddlewareMixin
:
Async Method | __acall__ |
Async version of __call__ that is swapped in when an async request is running. |
Method | __call__ |
Undocumented |
Method | __init__ |
Undocumented |
Method | __repr__ |
Undocumented |
Class Variable | async |
Undocumented |
Class Variable | sync |
Undocumented |
Instance Variable | get |
Undocumented |
Method | _async |
If get_response is a coroutine function, turns us into async mode so a thread is not consumed during a whole request. |
Instance Variable | _is |
Undocumented |
A mapping of allowed schemes to list of allowed netlocs, where all subdomains of the netloc are allowed.
Return the CSRF secret originally associated with the request, or None if it didn't have one. If the CSRF_USE_SESSIONS setting is false, raises InvalidTokenFormat if the request's secret has invalid characters or an invalid length.
django.views.decorators.csrf._EnsureCsrfCookie
, django.views.decorators.csrf._EnsureCsrfToken
Undocumented