Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Is there a way to hide the csrf label while looping through form using Flask and Flask-WTForms?

I have very simple contact form and I would like to hide the label somehow so that it doesn't show Csrf Token. I am using Flask and Flask-WTForms and am rendering the form like this:

{% for field in form %}     {{ field.label }}     {{ field }} {% endfor %} 

So basically this shows my inputs correctly and the csrf oen is hidden but the label isn't hidden? Should I get over it and implicitly say form.field_name instead of looping through the form or is there a way to handle this "corner case".

I was thinking about doing a logical check in either the for loop declaration or the label declaration but so far I haven't found anything in the documentation that has worked.

Thanks

EDIT: I have "fixed" the problem by doing this but it feels kinda dirty and hacky which I don't like I am still open to a better solution:

{% if not loop.first %}     {{ field.label }} {% endif %} 
like image 246
edhedges Avatar asked May 26 '12 02:05

edhedges


2 Answers

If you want a more general solution that works for all hidden fields instead of just the CSRF token:

{{ form.hidden_tag() }} {% for field in form if field.widget.input_type != 'hidden' %}   {{ field.label }}   {{ field }} {% endfor %} 

form.hidden_tag() is supplied by Flask-WTF.

like image 200
jd. Avatar answered Sep 30 '22 06:09

jd.


Just to add to JD's excellent answer...

For those stumbling across this question: You can avoid losing the (csrf) hidden field (and thus protection) by adding the condition "if field.widget.input_type!='hidden' " specifically to the label instead of to the form iterator.

i.e.:

not

{{ form.hidden_tag() }} {% for field in form if field.widget.input_type != 'hidden' %}       {{ field.label }} {{ field }} {% endfor %} 

but

{{ form.hidden_tag() }} {% for field in form %}   {% if field.widget.input_type != 'hidden' %} {{ field.label }} {% endif %}   {{ field }} {% endfor %} 
like image 33
rnvdv Avatar answered Sep 30 '22 06:09

rnvdv