[Answer]-Django csrf in mobile apps

1👍

This problem is not Django-specific. If you search for "CSRF RESTful" you will find many questions and answers about this, for example this one.

At the basic level, I would say that CSRF is a mechanism to plug security issues affecting people who use browsers. As such, people who use mobile applications are not likely to be affected by this.

You should keep the CSRF layer for people who access your application from web browsers and create a different scheme to access your api from other types of clients.

0👍

Yep, it’s a good idea, ’cause you just don’t need it for a mobile backend,
but just removing

'django.middleware.csrf.CsrfViewMiddleware'

won’t be enough; you need to add your own middleware that will disable CSRF.

Here is a solution: http://www.soyoucode.com/2011/really-disable-csrf-django
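An added example, not part of either answer above and not the code from the linked article: a middleware that combines both suggestions by skipping the CSRF check only for API requests that carry a token in the `Authorization` header and no session cookie, so browser sessions stay protected. The `/api/` prefix, the accepted schemes, and the helper and class names are assumptions, and the token itself must still be validated by the API's own authentication code.

```python
API_PREFIX = "/api/"          # assumption: API routes live under this path
SESSION_COOKIE = "sessionid"  # Django's default SESSION_COOKIE_NAME


def is_token_only_api_request(request):
    """True for an API request with a token header and no session cookie."""
    if not request.path.startswith(API_PREFIX):
        return False
    auth = request.META.get("HTTP_AUTHORIZATION", "")
    scheme, _, credential = auth.partition(" ")
    # Browsers resend Basic credentials automatically, so only explicit
    # token schemes set by the mobile client count here.
    if scheme.lower() not in ("token", "bearer") or not credential.strip():
        return False
    # A session cookie means ambient browser credentials are in play:
    # leave CSRF enforcement on.
    return SESSION_COOKIE not in request.COOKIES


class ApiCsrfExemptMiddleware:
    """List before 'django.middleware.csrf.CsrfViewMiddleware' in MIDDLEWARE."""

    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        if is_token_only_api_request(request):
            # Private flag that CsrfViewMiddleware checks before enforcing.
            request._dont_enforce_csrf_checks = True
        return self.get_response(request)


class FakeRequest:
    """Constructed stand-in with the HttpRequest attributes used above."""

    def __init__(self, path, headers=None, cookies=None):
        self.path = path
        self.META = headers or {}
        self.COOKIES = cookies or {}


def csrf_skipped(request):
    """Run the middleware and report whether the CSRF check would be skipped."""
    ApiCsrfExemptMiddleware(lambda r: r)(request)
    return getattr(request, "_dont_enforce_csrf_checks", False)
```
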
