0

In my django project, I'd like to add the csrf_token template tag to the base.html template. Just dropping the template tag in doesn't get it populated, I'd have to add it to every view, which is not optimal.

So, is there a way to add the csrf_token on every page?

I would think this would be built into whatever view renders the base.html template.

Improve this question
10
  • Could you elaborate on "Just dropping the template tag in doesn't get it populated"?
    – shaktimaan
    Apr 22, 2014 at 17:34
  • In base.html adding {% csrf_token %} directly before the closing </body> tag. I would think it the tag would render automagically.
    – hogsolo
    Apr 22, 2014 at 17:35
  • The csrf_token is necessary within every form for security reasons. As long as you are using only one form in each site the form and the token can reside in your base.html.
    – timo.rieber
    Apr 22, 2014 at 17:39
  • You would just have to add the decorator @csrf_protect to every view function. I am not sure how is it not optimal?
    – shaktimaan
    Apr 22, 2014 at 17:39
  • Right, so instead of adding @csrf_protect to EVERY VIEW FUNCTION, isn't there a a global view function I can add it to?
    – hogsolo
    Apr 22, 2014 at 17:41

1 Answer 1

Reset to default
0

Though I don't know why it's not rendered, it should be inside a form element for it to work properly.

Create a form.html template and reuse it with :

{% include 'form.html' with form=contact_form %}

Place the csrf tag inside form.html

Improve this answer

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Not the answer you're looking for? Browse other questions tagged or ask your own question.