Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (pypi.python.org).
Help us improve Python packaging - Donate today!

Provides protection against spammers and scammers.

Project Description

A SmartFile Open Source project. Read more about how SmartFile uses and contributes to Open Source software.

Introduction

Provides protection against spammers and scammers.

Installation

Install using pip pip install django-secureform

Then install the application into your Django project in settings.py. There are also optional settings which will affect the behavior of SecureForm instances.

INSTALLED_APPS += ('django_secureform', )

# If you wish to use an encryption key other than Django's SECRET_KEY
SECUREFORM_CRYPT_KEY = 'super-secret encryption key'

# This is the name of the hidden field added to the form to contain
# security data.
SECUREFORM_FIELD_NAME = 'foobar'

# The number of seconds allowed between form rendering and submittal.
SECUREFORM_TTL = 300

# The number of honeypot fields added to the form.
SECUREFORM_HONEYPOTS = 1

# By default, jQuery is needed to hide honeypots. If you already
# use jQuery in your app, you can disable this feature (preventing
# a duplicate script reference to jQuery).
SECUREFORM_INCLUDE_JQUERY = False

Usage

from django_secureform.forms import SecureForm


# Define your form class as usual.
class MySecureForm(SecureForm):
    class Meta:
        # Override options in settings.py for this class.
        include_jquery = False

    name = forms.CharField()

Unit Testing

If you want to write unit tests for forms that derive from SecureForm, you will need to let this application know you are testing. SecureForm looks for settings.TESTING to evaluate to True. If so, it disables the security allowing the Django test client to send POST data using the original field names.

In the future, I would rather provide tools so that testing can happen with security enabled, but this is a quick workaround. Our test framework uses an environment variable to set settings.TESTING. For example, in settings.py…

import os

TESTING = True if 'TESTING' in os.environ else False
Release History

Release History

This version
History Node

0.3-1

History Node

0.2-1

History Node

0.1-7

History Node

0.1-6

History Node

0.1-5

History Node

0.1-4

Download Files

Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

File Name & Checksum SHA256 Checksum Help Version File Type Upload Date
django-secureform-0.3-1.tar.gz (6.8 kB) Copy SHA256 Checksum SHA256 Source Apr 17, 2013

Supported By

WebFaction WebFaction Technical Writing Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Rackspace Rackspace Cloud Servers DreamHost DreamHost Log Hosting