I have read Django – CSRF verification failed and several questions (and answers) related to django and POST method. One of the best-but-not-working-for-me answer is https://stackoverflow.com/a/4707639/755319
All of the approved answers suggest at least 3 things:
- Use RequestContext as the third parameter of render_to_response_call
- Add {% csrf_token %} in every form with POST method
- Check the MIDDLEWARE_CLASSES in settings.py
I’ve done exactly as suggested, but the error still appeared. I use django 1.3.1 (from ubuntu 12.04 repository) and python 2.7 (default from ubuntu)
This is my View:
# Create your views here.
from django.template import RequestContext
from django.http import HttpResponse
from django.shortcuts import render_to_response
from models import BookModel
def index(request):
return HttpResponse('Welcome to the library')
def search_form(request):
return render_to_response('library/search_form.html')
def search(request):
if request.method=='POST':
if 'q' in request.POST:
q=request.POST['q']
bookModel = BookModel.objects.filter(title__icontains=q)
result = {'books' : bookModel,}
return render_to_response('library/search.html', result, context_instance=RequestContext(request))
else:
return search_form(request)
else:
return search_form(request)
and this is my template (search_form.html):
{% extends "base.html" %}
{% block content %}
<form action="/library/search/" method="post">
{% csrf_token %}
<input type="text" name="q">
<input type="submit" value="Search">
</form>
{% endblock %}
I’ve restarted the server, but the 403 forbidden error is still there, telling that CSRF verification failed.
I’ve 2 questions:
- How to fix this error?
- Why is it so hard to make a “POST” in django, I mean is there any specific reason to make it so verbose (I come from PHP, and never found such a problem before)?
Try putting RequestContext in the search_form view’s render_to_response: