 

CSRF token missing or incorrect even though I have {% csrf_token %}

I have been getting this error referring to this method in my views.py file:

def AddNewUser(request):
    a=AMI()
    if(request.method == "POST"):
        print(request.POST)
       # print(request['newUser'])
       # print(request['password'])
    return render_to_response("ac/AddNewUser.html", {})

But my other functions work just fine. It's just this button in my HTML file that doesn't work.

<form name="AddNewUser" action="/ac/AddNewUser" method="post"> {% csrf_token %} <input type="submit" name="addNewUser" id="addNewUser" value="Create User"></form>

As you can see I've got the {% csrf_token %} but it's still not working. I also know some people are having this problem if they don't have MIDDLEWARE_CLASSES in their settings.py but I have that inserted correctly. What could be causing this problem? The only other line in the error says: "The view function uses RequestContext for the template, instead of Context." But I don't know what that could mean.

user728222 asked May 07 '11 17:05



2 Answers

You have to use a RequestContext object to get the context, then pass the results in to your render_to_response() function. RequestContext adds in a required CSRF token.

from django.template import RequestContext
from django.shortcuts import render_to_response

csrfContext = RequestContext(request)
return render_to_response(some_template, csrfContext)

As a side note, you can also use RequestContext to add contexts/dictionaries intended for the template. For instance, I frequently use:

initialData = {'form': theForm, 'user_status': 'online'}
csrfContext = RequestContext(request, initialData)
return render_to_response(show_template, csrfContext)

As a (brief) explanation of what RequestContext does: most middleware creates something called a context processor, which is simply a function that supplies a context (dictionary) of variables. RequestContext looks for all the available context processors, gets their contexts, and appends them all to a single (giant) context.

John C answered Oct 05 '22 02:10


NOTE: The RequestContext has to be used in both the view that serves the form as well as the view that receives the post. If you follow the directions above and it still doesn't work, this might be the problem! It was for me.

Charles C. answered Oct 05 '22 02:10
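
The mechanism both answers rely on (context processors feeding the token into the template, and the POST check failing when the form was rendered without it), as an added example that is not code from this thread or from Django. It is a simplified, Django-free model: every function name is hypothetical, requests are plain dicts, and Django's token masking is left out.

```python
import hmac
import secrets

# Simplified model of the flow; NOT Django's implementation. All names are hypothetical.

def csrf_processor(request):
    """Context processor: hand the per-client secret to the template."""
    cookies = request["cookies"]
    if "csrftoken" not in cookies:
        cookies["csrftoken"] = secrets.token_urlsafe(32)
    return {"csrf_token": cookies["csrftoken"]}

CONTEXT_PROCESSORS = [csrf_processor]

def request_context(request, data=None):
    """Models RequestContext: merge every processor's dict with the view's data."""
    merged = {}
    for processor in CONTEXT_PROCESSORS:
        merged.update(processor(request))
    merged.update(data or {})
    return merged

def render_form(context):
    """Stand-in for {% csrf_token %}: emits nothing when the token is absent."""
    token = context.get("csrf_token")
    hidden = f'<input type="hidden" name="csrfmiddlewaretoken" value="{token}">' if token else ""
    return f'<form method="post">{hidden}<input type="submit"></form>'

def submit(html, cookies):
    """Constructed browser step: post back whatever hidden field the page carried."""
    post = {}
    marker = 'name="csrfmiddlewaretoken" value="'
    if marker in html:
        post["csrfmiddlewaretoken"] = html.split(marker)[1].split('"')[0]
    return {"cookies": cookies, "post": post}

def check_post(request):
    """Middleware-style check: the form field must match the cookie."""
    cookie = request["cookies"].get("csrftoken", "")
    field = request["post"].get("csrfmiddlewaretoken", "")
    return bool(cookie) and hmac.compare_digest(cookie, field)

def round_trip(use_request_context):
    """Serve the form, submit it, and report whether the POST would be accepted."""
    request = {"cookies": {}, "post": {}}
    # A bare dict models rendering without RequestContext: no processor runs.
    context = request_context(request) if use_request_context else {}
    return check_post(submit(render_form(context), request["cookies"]))
```

In current Django, `django.shortcuts.render(request, template_name, context)` runs the context processors for you; `render_to_response` was removed in Django 3.0.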