MozSecureWorld FAQ

From MozillaWiki
Jump to navigation Jump to search

MozSecureWorld FAQ/Notes

FAQ

CSRF error

Django's fix to CSRF can be found in the tutorial. Where you put in

template.html: 

{% csrf_token %}


views.py: 

from django.shortcuts import render_to_response
from django.template import RequestContext
def ...
    return render_to_response('template.html', {'var_name': var_value}, context_instance=RequestContext(request))

But in the demo's setup with jingo and other stuff: template.html: 

{{ csrf() }}

views.py: 

import jingo
    return jingo.render(request, 'template.html', {"var_name": var_value})

HTML is not rendered

Solution: Use Django |safe

Problem: After using bleach, the safe tags show up "<b>should be bolded</b>" instead of being rendered as should be bolded, you have to add a "|safe" to the template.html: 

{{richtext.comment|safe}}
Retrieved from "https://wiki.allizom.org/index.php?title=MozSecureWorld_FAQ&oldid=318539"