Vinoth
Reputation: 21
How to use CSRF token in jinja2?
My form.html:
<form action="/contact/" method="post"><input type="hidden" name="csrfmiddlewaretoken" value="{{ csrf_token }}">
<table>
<tr><p><td>Subject: </td><td><input type="text" name="subject" value="{{ subject }}"></p></td></tr>
<tr><p><td>Your e-mail (optional): </td><td><input type="text" name="email" value="{{ email }}"></p></td></tr>
<tr><p><td>Message: </td><td><textarea name="message" rows="10" cols="50">**{{ message }}**</textarea></p></td></tr>
</table>
<input type="submit" value="Send">
</form>
But still i get Forbidden (403) CSRF verification failed. Request aborted.
How to correct it?
Upvotes: 0
Views: 1191
Answers (2)
Chris Hawkes
Reputation: 12420
I may be wrong but I believe {{ csrf_token }} goes on the inside of your form tag.
<form>{{ csrf_token }}
blah: <input type="text">
<input type="submit">
</form>
Upvotes: 1
Simeon Visser
Reputation: 122476
You also need to add django.core.context_processors.csrf to your TEMPLATE_CONTEXT_PROCESSORS setting. Otherwise {{ csrf_token }} won't have a value.
You're now probably submitting the form with an empty CSRF token.
Upvotes: 0
Related Questions
- How to csrf_token protection in jinja2 template engine?
- where should i add the csrf token in this?
- In Django, how can I generate csrf token when not using templates
- Django 1.10 Using csrf Token
- CSRF token not getting inserted into template
- Trouble with CSRF token in Django
- Django how to get csrf_token value in the template
- Handling CSRF tokens in Django
- How to use Django CSRF token correctly?
- Persistent "CSRF token missing or incorrect.". Jinja and django-registration setup