5112e65ef2
Note that the cookie is not changed every request, just the token retrieved
by the `get_token()` method (used also by the `{% csrf_token %}` tag).
While at it, made token validation strict: Where, before, any length was
accepted and non-ASCII chars were ignored, we now treat anything other than
`[A-Za-z0-9]{64}` as invalid (except for 32-char tokens, which, for
backwards-compatibility, are accepted and replaced by 64-char ones).
Thanks Trac user patrys for reporting, github user adambrenecki
for initial patch, Tim Graham for help, and Curtis Maloney,
Collin Anderson, Florian Apolloner, Markus Holtermann & Jon Dufresne
for reviews.
Django is a high-level Python Web framework that encourages rapid development and clean, pragmatic design. Thanks for checking it out.
All documentation is in the "docs" directory and online at https://docs.djangoproject.com/en/stable/. If you're just getting started, here's how we recommend you read the docs:
- First, read docs/intro/install.txt for instructions on installing Django.
- Next, work through the tutorials in order (docs/intro/tutorial01.txt, docs/intro/tutorial02.txt, etc.).
- If you want to set up an actual deployment server, read docs/howto/deployment/index.txt for instructions.
- You'll probably want to read through the topical guides (in docs/topics) next; from there you can jump to the HOWTOs (in docs/howto) for specific problems, and check out the reference (docs/ref) for gory details.
- See docs/README for instructions on building an HTML version of the docs.
Docs are updated rigorously. If you find any problems in the docs, or think they should be clarified in any way, please take 30 seconds to fill out a ticket here: https://code.djangoproject.com/newticket
To get more help:
- Join the #django channel on irc.freenode.net. Lots of helpful people hang out there. Read the archives at http://django-irc-logs.com/.
- Join the django-users mailing list, or read the archives, at https://groups.google.com/group/django-users.
To contribute to Django:
- Check out https://docs.djangoproject.com/en/dev/internals/contributing/ for information about getting involved.
To run Django's test suite:
- Follow the instructions in the "Unit tests" section of docs/internals/contributing/writing-code/unit-tests.txt, published online at https://docs.djangoproject.com/en/dev/internals/contributing/writing-code/unit-tests/#running-the-unit-tests