WTForms support for input readonly attribute?

Question

Here they say it\'s not supported out of the box.

Do you know a way to make HTML input form fields use the \'readonly\' attribute with WTForms?

Answer 1

I assume you are talking about the attribute in HTML/XHTML, which is not what that discussion thread you linked is about. (the linked thread is about a lower-level issue with how to ignore passed form input)

The way to set a readonly attribute (and indeed any attribute on a field) is as a keyword-arg in your template. If using Jinja, this looks like (html5):

{{ form.myfield(readonly=true) }}

And for XHTML or versions of WTForms older than 0.6.3:

{{ form.myfield(readonly="readonly") }}

Just note that the 'readonly' attribute is only a hint to the browser, and it has no impact on what the user submits. This is to say, a malicious user (or someone using a browser with custom JS a la greasemonkey or a JS console or a DOM tree) could generate a POST request changing the value of a field regardless of whether the readonly attribute is set on the input tag.

For this reason, the readonly attribute is only useful as an option to modify the user experience (for example, disabling a field based on some event/action using JS) and the input coming from a 'readonly' field is no more trust-able than any other form input.