问题
Here's the relevant snippet of HTML in the template:
<form action="/submit_text/" method="post">
{% csrf_token %}
{% include "backbone/form_errors.html" %}
{{form.as_p}}
<input type="submit" value="Submit" />
</form>
Here is my settings.py MIDDLEWARE_CLASSES declaration:
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
)
The CSRF token simply doesn't show, causing a
Forbidden (403) CSRF verification failed. Request aborted.
回答1:
You need to pass the RequestContext in your render_to_response for the context processors to actually be run.
from django.template import RequestContext
context = {}
return render_to_response('my_template.html',
context,
context_instance=RequestContext(request))
the new render shortcut (django 1.3+) will do it for you:
from django.shortcuts import render
context = {}
return render(request, 'my_template.html', context)
回答2:
While there is a checked answer, I want to point out that writing context_instance.... gets really annoying. I find this useful...especially with forms
context.update(csrf(request))
来源:https://stackoverflow.com/questions/9610768/django-csrf-token-wont-show