Re: send_mail on MAC OS X 10.7

On Wed, Oct 3, 2012 at 12:19 PM, Laxmikant Gurnalkar
<laxmikant.gurnalkar@gmail.com> wrote:
> Hi,
> Thanks for the suggestion Russell,
> I never felt insecure when I dont use csrf. Since I hv disabled.
> anyways, Thanks again.

I don't want to appear rude, but I suspect the only reason you don't
feel insecure is because you don't fully understand the risks.

There's a reason Django has CSRF protection turned on by default. CSRF
attacks are very real, very common, and very easy to manufacture. If
you're not taking steps to prevent CSRF attacks, any website you
produce is potentially at risk. I *strongly* urge you to do some
research into CSRF attacks, and if you have problems with Django's
CSRF framework, ask about and solve those problems -- don't just turn
off CSRF protection and declare that your site works.

Yours,
Russ Magee %-)

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.