I’ve got Pyjamas and Django running via Apache2 with mod_wsgi on Windows 7. I do not believe I’m getting issues from the setups of these things, though: the only thing that is not working is trying to POST information from Pyjamas-generated forms. Trying to use Pyjamas-generated forms in my application produces 403s (the “CSRF verification failed” error page).

I have spent hours on this and read all of the answers I could find on here related to CSRF and Pyjamas, and done a lot of external research just on CSRF and Django, Django and Ajax, etc. If this question isn’t reaching anyone who has knows just what to do in this situation, I think I’ve whittled down the essence of the question.

How would one get the {% csrf_token %} into the Pyjamas-generated form? It seems like it might be impossible, because from what I understand CSRF tokens are not persistent, which a Pyjamas-generated page is … My Pyjamas page is generated from a Pyjamas .py file, resulting in a folder full of hard-coded stuff. How is it that I would integrate the current CSRF token into that already-coded form?

Please don’t hesitate to ask for more details, this issue has been incredibly hard to navigate. None of the published information on integrating Pyjamas & Django regards this; and the only solutions I’ve found that seem aware of CSRF in Django say you should probably just disable CSRF protection (which I could do, but what protection could I put in place of it? My own cookie system? Is it a terrible idea to disable CSRF protection in any case?).

Thank you!