Question about CSRF changes in 1.0 #911
Unanswered
noahgorstein
asked this question in
Q&A
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Hey folks. Been using Django Ninja for the past 6 months or so and it has been fantastic so thank you!
I was reading the high level release notes in the Github Release for v1.0RC and saw:
I was wondering if any of you folks could elaborate more on what this means and share a small example of what things we could do now that we couldn't before.
I have been wanting to disable CSRF to some of my routes that use Django cookie based auth (with csrf) in non prod envs controlled by some setting, etc. Like ideally I could disable csrf in certain envs but ensure it is active for prod. Let me know if that doesn't sense. To my knowledge I don't believe that has been possible, at least pre v1.0.
Beta Was this translation helpful? Give feedback.
All reactions