Django Book 翻译
菜单>:
TOC
返回
原文:
To activate this CSRF protection, add ``'django.contrib.csrf.middleware.CsrfMiddleware'`` to the ``MIDDLEWARE_CLASSES`` setting in your settings file. This middleware needs to process the response *after* ``SessionMiddleware`` , so ``CsrfMiddleware`` must appear *before* ``SessionMiddleware`` in the list (because the response middleware is processed last-to-first). Also, it must process the response before the response gets compressed or otherwise mangled, so ``CsrfMiddleware`` must come after ``GZipMiddleware`` . Once youve added that to your ``MIDDLEWARE_CLASSES`` setting, youre done. See the section Order of MIDDLEWARE_CLASSES in Chapter 13 for more explanation.
翻译:
在设置文件中将 ``'django.contrib.csrf.middleware.CsrfMiddleware'`` 添加到 ``MIDDLEWARE_CLASSES`` 设置中可激活 CSRF 防护。该中间件必须在 ``SessionMiddleware`` *之后* 执行,因此在列表中 ``CsrfMiddleware`` 必须出现在 ``SessionMiddleware`` *之前* (因为响应中间件是自后向前执行的)。同时,它也必须在响应被压缩或解压之前对响应结果进行处理,因此 ``CsrfMiddleware`` 必须在 ``GZipMiddleware`` 之后执行。一旦将它添加到 ``MIDDLEWARE_CLASSES`` 设置中,你就完成了工作。参阅第 13 章中的《MIDDLEWARE_CLASSES 的顺序》一节了解更多诠释。
备注:
译者: