On Sun, Sep 5, 2010 at 7:49 PM, Patryk Zawadzki wrote:
> If you really want to use POST in HTTP → HTTPS transitions, introduce
> settings.CSRF_WHATEVER, document it thoroughly and make it default to
> False.
Just for clarity -- when the flag is False and current connection is
secure, the CSRF coo
On Sat, Sep 4, 2010 at 1:51 AM, Luke Plant wrote:
> Barth, Jackson and Mitchell [1] collected some data that said that for
> same-domain HTTPS POST requests, the header is missing in only 0.05% to
> 0.22% of cases. They've also got strong evidence that the header is
> suppressed in the network, n
Some time ago I've reported ticket #13870¹. Here's a brief explanation
of the problem:
PostgreSQL has a concept called "isolation levels". These are various
types of meta-transactions.
1. There's level 0 which means "off" and results in ghost reads
(SELECT returning data not yet commited).
2. The
"Once we're at a Django 2.6 minimum supported version, using 2to3 to
maintain
parallel implementations becomes a lot easier."
As much as I admire Russ, and I do, I don't think that the above
statement is correct.
For a short time on the pywin32 team we tried to "maintain parallel
implementations"
