docs
id | page | ref | title | content | breadcrumbs | references |
---|---|---|---|---|---|---|
plugin_hooks:plugin-hook-skip-csrf | plugin_hooks | plugin-hook-skip-csrf | skip_csrf(datasette, scope) | datasette - Datasette class You can use this to access plugin configuration options via datasette.plugin_config(your_plugin_name) , or to execute SQL queries. scope - dictionary The ASGI scope for the incoming HTTP request. This hook can be used to skip CSRF protection for a specific incoming request. For example, you might have a custom path at /submit-comment which is designed to accept comments from anywhere, whether or not the incoming request originated on the site and has an accompanying CSRF token. This example will disable CSRF protection for that specific URL path: from datasette import hookimpl @hookimpl def skip_csrf(scope): return scope["path"] == "/submit-comment" If any of the currently active skip_csrf() plugin hooks return True , CSRF protection will be skipped for the request. | ["Plugin hooks"] | [{"href": "https://asgi.readthedocs.io/en/latest/specs/www.html#http-connection-scope", "label": "ASGI scope"}] |