It's possible that users would desire to script against the signed_url view without ever loading a standard Django view (which would load the CSRF token in a cookie). For this reason, a user should be able to set a property in settings.py that would make the signed_url view CSRF-exempt.
It's possible that users would desire to script against the
signed_urlview without ever loading a standard Django view (which would load the CSRF token in a cookie). For this reason, a user should be able to set a property insettings.pythat would make thesigned_urlview CSRF-exempt.