My DjangoCon Europe 2022 Talk About Cross-site Request Forgery

I recently gave a talk about Cross-site Request Forgery in Django at DjangoCon Europe 2022 in Porto. You can find the slides here. Unfortunately, which I didn't know at the time, no official recording of the workshop was done. However, I still have a recording of one of the test runs I did in preparation for the workshop. It has some rough edges and isn't as smooth as I would like, but if you are interested in the workshop it's better than nothing. You can find the recoding here. I recommend listening to it at 1.5x speed.

Here the two demo projects I setup for the talk:


This is a list of most of the resources I used when preparing for the talk.

Origin and Site

Same-origin Policy

Cross-site Request Forgery


Cookie Security in General

SameSite Cookies


Django Docs

Django Rest Framework