I have very simple contact form and I would like to hide the label somehow so that it doesn't show Csrf Token
. I am using Flask and Flask-WTForms and am rendering the form like this:
{% for field in form %} {{ field.label }} {{ field }} {% endfor %}
So basically this shows my inputs correctly and the csrf oen is hidden but the label isn't hidden? Should I get over it and implicitly say form.field_name
instead of looping through the form or is there a way to handle this "corner case".
I was thinking about doing a logical check in either the for loop declaration or the label declaration but so far I haven't found anything in the documentation that has worked.
Thanks
EDIT: I have "fixed" the problem by doing this but it feels kinda dirty and hacky which I don't like I am still open to a better solution:
{% if not loop.first %} {{ field.label }} {% endif %}
If you want a more general solution that works for all hidden fields instead of just the CSRF token:
{{ form.hidden_tag() }} {% for field in form if field.widget.input_type != 'hidden' %} {{ field.label }} {{ field }} {% endfor %}
form.hidden_tag()
is supplied by Flask-WTF.
Just to add to JD's excellent answer...
For those stumbling across this question: You can avoid losing the (csrf) hidden field (and thus protection) by adding the condition "if field.widget.input_type!='hidden' " specifically to the label instead of to the form iterator.
i.e.:
not
{{ form.hidden_tag() }} {% for field in form if field.widget.input_type != 'hidden' %} {{ field.label }} {{ field }} {% endfor %}
but
{{ form.hidden_tag() }} {% for field in form %} {% if field.widget.input_type != 'hidden' %} {{ field.label }} {% endif %} {{ field }} {% endfor %}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With