OK. I'll check all of that out, including the article. In the meantime
can you possibly explain the "title" field shown coded on the form in
the Django file upload document? It's shown coded on the form but I
don't think it's referenced anymore after that in the document and I
would like to know what's it's used for, how it needs to be processed
in the view, etc. Thanks for the help.
On Jan 25, 5:42 pm, Jonas Geiregat <jo...@geiregat.org> wrote:
> Hey,
>
> I've also struggled with CSRF for a while.
> Maybe I can give you some guidance.
>
> > you need to ensure:
>
> > •The view function uses RequestContext for the template, instead of
> > Context.
> > •In the template, there is a {% csrf_token %} template tag inside each
> > POST form that targets an internal URL.
> > •If you are not using CsrfViewMiddleware, then you must use
> > csrf_protect on any views that use the csrf_token template tag, as
> > well as those that accept the POST data.
> > You're seeing the help section of this page because you have DEBUG =
> > True in your Django settings file. Change that to False, and only the
> > initial error message will be displayed.
>
> Have you checked each item mentioned by the error report ?
>
>
>
> > <form action="/polls/uploadfile/" method="POST" enctype="multipart/
> > form-data">
>
> Add {% crsf_token %} directly after the opening form tag.
>
>
>
> > return render_to_response('polls/uploadfile.html', {'form':
> > form})
>
> You must always a ContextRequest like this:
>
> from django.template import RequestContext
>
> return render_to_response('polls/uploadfile.html', {'form':form},
> context_instance=RequestContext(your_request_var))
>
> If you are still stuck I can advise you to read the following
> article:http://andrew.io/weblog/2010/01/django-piston-and-handling-csrf-tokens
>
> Good luck!
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
