CSRF Token missing or incorrect

by

Update: This answer is from 2011. CSRF is easy today.

These days you should be using the render shortcut function return render(request, 'template.html') which uses RequestContext automatically so the advice below is outdated by 8 years.

  1. Use render https://docs.djangoproject.com/en/2.2/topics/http/shortcuts/
  2. Add CSRF middleware https://docs.djangoproject.com/en/2.2/ref/csrf/
  3. Use the {% csrf_token %} template tag
  4. Confirm you see the CSRF token value being generated, AND submitted in your form request

Original Response

My guess is that you have the tag in the template but it’s not rendering anything (or did you mean you confirmed in the actual HTML that a CSRF token is being generated?)

Either use RequestContext instead of a dictionary

render_to_response("foo.html", RequestContext(request, {}))

Or make sure you have django.core.context_processors.csrf in your CONTEXT_PROCESSORS setting.

https://docs.djangoproject.com/en/dev/ref/contrib/csrf/

Or add the token to your context manually

More Related Contents:

  1. Django CSRF check failing with an Ajax POST request
  2. How do I filter ForeignKey choices in a Django ModelForm?
  3. Django set default form values
  4. Creating a dynamic choice field
  5. dynamically add field to a form
  6. How can I build multiple submit buttons django form?
  7. Django: multiple models in one template using forms [closed]
  8. Django reverse lookup of foreign keys
  9. Django ModelForm for Many-to-Many fields
  10. Multiple Models in a single django ModelForm?
  11. Django-Registration & Django-Profile, using your own custom form
  12. Django formsets: make first required?
  13. How does Django Know the Order to Render Form Fields?
  14. How do I add a placeholder on a CharField in Django?
  15. How to create a UserProfile form in Django with first_name, last_name modifications?
  16. Forbidden (403) CSRF verification failed. Request aborted. Even using the {% csrf_token %}
  17. Change Django ModelChoiceField to show users’ full names rather than usernames
  18. Using request.user with Django ModelForm
  19. Overriding the save method in Django ModelForm
  20. What’s the best way to store a phone number in Django models?
  21. How to change the file name of an uploaded file in Django?
  22. Customize/remove Django select box blank option
  23. Pre-populate an inline FormSet?
  24. CSRF verification failed. Request aborted
  25. How to set and get session variable in django?
  26. How do I filter values in a Django form using ModelForm?
  27. Change a Django form field to a hidden field
  28. Django form.as_p DateField not showing input type as date
  29. Django – Working with multiple forms
  30. Django ModelForm to have a hidden input

Leave a Comment