Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
656 views
in Technique[技术] by (71.8m points)

csrf - Django - {% csrf_token %} was used in a template, but the context did not provide the value

I'm new to Django and I'm still trying to get to grips with its features. I've created very simple project with Django 1.4.2 which has index page with simple form where you enter something and results page where your input is displayed after submission (the code is below).

After submission, I get error 403 and the following message:

A {% csrf_token %} was used in a template, but the context did not provide the value. This is usually caused by not using RequestContext. warnings.warn("A {% csrf_token %} was used in a template, but the context did not provide the value. This is usually caused by not using RequestContext.")

index.html

<!DOCTYPE html>
<head>
    <title>Index page</title>
</head>
<body>
    <div id="header">Welcome to index page</div>
    <div id="content">
        <p>Enter your name</p>
        <form action="/result/" method="post" accept-charset="utf-8">{% csrf_token %}
            <input type="text" name="answer">
            <input type="submit" value="Send!">
        </form>
    </div>
</body>

result.html

<!DOCTYPE html>
<head>
    <title>Result page</title>
</head>
<body>
    <div id="header">Here is the result</div>
    <div id="content">
        <p>Your name is: {{ answer }}</p>
    </div>
</body>

views.py

from django.http import HttpResponse
from django.shortcuts import render_to_response
from django.template import RequestContext

def index(request):
    return render_to_response('index.html')

def result(request):
    p = request.POST['answer']
    return render_to_response('result.html', {'answer': p}, context_instance=RequestContext(request))

I've looked into documentation and various examples on the Internet, but I don't understand what I'm doing wrong. If I disable django.middleware.csrf.CsrfViewMiddleware in settings.py, I get exactly what I want, but that's not the answer I'm looking for.

I appreciate help from more experienced Django ninjas :-)

See Question&Answers more detail:os

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Reply

0 votes
by (71.8m points)

Your index.html is rendered without RequestContext. Try this:

def index(request):
    return render_to_response('index.html', context_instance=RequestContext(request))

I also recomend you to use more convenient shortcut render:

from django.shortcuts import render

def index(request):
    return render('index.html')

From docs:

render() is the same as a call to render_to_response() with a context_instance argument that forces the use of a RequestContext.

EDIT:

Thanks @nerdwaller for mentioning, newer versions now needs:

render(request, 'index.html', {params});

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
OGeek|极客中国-欢迎来到极客的世界,一个免费开放的程序员编程交流平台!开放,进步,分享!让技术改变生活,让极客改变未来! Welcome to OGeek Q&A Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

...