Home/ Questions/Q 7432227
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-05-29T09:25:31+00:00

Been two days trolling through Google, stackoverflow, and docs.djangoproject.com for a solution to CSRF

  • 0

Been two days trolling through Google, stackoverflow, and docs.djangoproject.com for a solution to CSRF problems.

Disclaimer, am a beginner at Django and following along the book The definitive guide to django – web development done right. Well, apparently am getting something wrong 🙁

See below one such attempt and see if you can point out any mistakes because I’ve tried all the suggestions on stackoverflow but no luck as yet:

view.py:

from django.shortcuts import render_to_response
from django.template import RequestContext

def add_vehicle(request):
    return render_to_response('vehicle.html', RequestContext(request, {}))

vehicle.html:

{% extends "base.html" %}
{% block title %}Vehicle Registration{% endblock %}
{% block content %}
<html>
<head>
</head>
<body>

<form action="/vehicle/" method="post"> {% csrf_token %}
    <table width=100%>
        <tr>
            <td>Reg #:</td>
            <td><input type="text" name="regnumber"></td>
            <td></td>
        </tr>
        <tr>
            <td>Model:</td>
            <td><input type="text" name="model"></td>
            <td></td>
        </tr>
        <tr>
            <td>Manufacturer:</td>
            <td><input type="text" name="manufacturer"></td>
            <td></td>
        </tr>
        <tr>
            <td>Year:</td>
            <td><input type="text" name="year"></td>
            <td></td>       
        </tr>
        <tr>
            <td>Chassis #:</td>
            <td><input type="text" name="chasisnumber"></td>
            <td></td>       
        </tr>
        <tr>
            <td></td>
            <td><input type="submit" value="Submit">
            <input type="submit" value="Clear">
            </td>
            <td></td>       
        </tr>
    </table>
</form>
</body>
</html>
{% endblock %}

I hope that’s not too much code for stackoverflow.

Now, I keep getting the CSRF token missing or incorrect.

Please assist.

Edit (Adding details on error)

settings.py looks like this:

MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
)

Here is what the console displays when I open vehicle.html page:

warnings.warn("A {% csrf_token %} was used in a template, but the context did not provide the value.  This is usually caused by not using RequestContext.")
Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    The signature for render_to_response is render_to_response(template_name[, dictionary][, context_instance][, mimetype]) so should you be calling it like the following to ensure the csrf token is put into the context? 

    return render_to_response('vehicle.html', {}, context_instance= RequestContext(request))`
    • 0