Rename csrfmiddlewaretoken

Question

Rename csrfmiddlewaretoken

I am using Django and in html I have

<input type="hidden" name="csrfmiddlewaretoken" value="...">

How to rename csrfmiddlewaretoken ? I don't want users to know that this site uses Django.

Nothing found in Django settings , is there a way to do this?

Thank!

+3

python django

tim 23 nov. '14 at 9:50

source to share

1 answer

Rustem · Answer 1 · 2014-11-23T10:39:13+0000

This is a string hardcoded in django / middleware / csrf.py :

        # Check non-cookie token for match.
        request_csrf_token = ""
        if request.method == "POST":
            request_csrf_token = request.POST.get('csrfmiddlewaretoken', '')

        if request_csrf_token == "":
            # Fall back to X-CSRFToken, to make things easier for AJAX,
            # and possible for PUT/DELETE.
            request_csrf_token = request.META.get('HTTP_X_CSRFTOKEN', '')

But there is a one-sided approach for you. You can add your js function which will add HTTP_X_CSRFTOKEN to your POST requests.

Find in documents .

Rename csrfmiddlewaretoken

More articles: