Goran
Reputation: 6834
django csrf_token in search result url
Have csrf in search result url. Don't know why is there and how to remove it. Search works nice. Here is URL
/search/?csrfmiddlewaretoken=675d1340034e094866d15a921407e3fc&q=testing
here is view:
def search(request):
query = request.GET.get('q', '')
rezult = []
if query:
qset1 = (
Q(title__icontains=query)
)
result = Product.objects.filter(qset1).distinct()
if result.count() == 1:
return HttpResponseRedirect(result[0].get_absolute_url())
return render_to_response('search/search.html',{'query': query, 'result': result, },context_instance=RequestContext(request))
Thanks
Upvotes: 13
Views: 6181
Answers (3)
Ben Eliott
Reputation: 654
Remove {% csrf_token %} from your form in the template, you don't need it since you're making a GET request.
Upvotes: 26
Vahid Chakoshy
Reputation: 1527
you added {% csrf_token %} in your form. if you dont need csrf remove this from your form and add csrf_exempt.
look at this sample of django:
from django.views.decorators.csrf import csrf_exempt
@csrf_exempt
def my_view(request):
return HttpResponse('Hello world')
Upvotes: 4
Aidan Ewen
Reputation: 13328
I would assume that you've added the {% csrf_token %} within one of the search form's input element. That would cause the token to be submitted along with the form.
Check your search form template.
Upvotes: 1
Related Questions
- How to remove csrf token from search result url in Django?
- csrf_token problem django
- Getting csrfmiddleware token in url
- Form is not returning contents of search, instead it returns "csrfmiddlewaretoken"?
- Using forms with the Django outputs the token
- Django csrf_token in GET query
- Handling CSRF tokens in Django
- How to use Django CSRF token correctly?
- Django csrf token
- django and csrf_token problem