You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Got any hints on how django-fancy-cache could be used to cache views without breaking the csrftoken?
The issue is that you could just ignore csrftoken cookie like this, but then the cache would store a fixed csrftoken in the HTML, all users would get the same token and things will not work (csrf token validation would fail)
Without fixing this issue, the cache hit/miss rate plummets
To make things worse, if the user accesses any page on your site (lets say /contact) with a form he'll get this http response header:
Please note the "Path=/", which indicates that all the next requests performed by this user are going to include the csrftoken cookie and won't be retrieved from the cache.
The text was updated successfully, but these errors were encountered:
Got any hints on how django-fancy-cache could be used to cache views without breaking the csrftoken?
The issue is that you could just ignore csrftoken cookie like this, but then the cache would store a fixed csrftoken in the HTML, all users would get the same token and things will not work (csrf token validation would fail)
Without fixing this issue, the cache hit/miss rate plummets
To make things worse, if the user accesses any page on your site (lets say
/contact) with a form he'll get this http response header:Please note the "Path=/", which indicates that all the next requests performed by this user are going to include the
csrftokencookie and won't be retrieved from the cache.The text was updated successfully, but these errors were encountered: