Home/ Questions/Q 8278285
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-08T08:57:35+00:00

I have a flow in my django application in which I redirect the user

  • 0

I have a flow in my django application in which I redirect the user to another service (e.g. PayPal) which after some its own processing, returns the user back on my own server. The returning point on my server is a simple HTML success page which I render using direct_to_template.

For some odd reasons, the other server sends a POST request and hence the user sees a CSRF token missing error as the other server doesn’t send back any CSRF token.

How do I exempt a direct_to_template view from CSRF tokens?

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    You can use the csrf_exempt decorator to disable CSRF protection for a particular view.

    Say your url pattern is:

    ('^my_page/$', direct_to_template, {'template': 'my_page.html'})

    Add the following import to your urls.py:

    from django.views.decorators.csrf import csrf_exempt

    Then change the url pattern to:

    ('^my_page/$', csrf_exempt(direct_to_template), {'template': 'my_page.html'})
    • 0