
csrf error in django


I was having the exact same issue - and Blue Peppers' answer got me on the right track. Adding a RequestContext to your form view fixes the problem.

from django.template import RequestContext

and:

def register(request):
    if request.method == 'POST':
        form = UserCreationForm(request.POST)
        if form.is_valid():
            new_user = form.save()
            return HttpResponseRedirect("/books/")
    else:
        form = UserCreationForm()
    c = {'form': form}
    return render_to_response("registration/register.html", c, context_instance=RequestContext(request))

This fixed it for me.


I'm using Django 1.2.3, I had a few intermittent problems:

Things to do:

Ensure the csrf token is present in your template:

<form action="" method="post">{% csrf_token %}

Use a RequestContext:

return render_to_response('search-results.html', {'results': results}, context_instance=RequestContext(request))

Make sure you use a RequestContext for GETs as well, if they are handled by the same view function, and render the same template.

i.e:

if request.method == 'GET':
    ...
    return render_to_response('search-results.html', {'results':results}, context_instance=RequestContext(request))
elif request.method == 'POST':
    ...
    return render_to_response('search-results.html', {'results':results}, context_instance=RequestContext(request))

not:

if request.method == 'GET':
    ...
    return render_to_response('search-results.html', {'results':results})
elif request.method == 'POST':
    ...
    return render_to_response('search-results.html', {'results':results}, context_instance=RequestContext(request))

Ensure 'django.middleware.csrf.CsrfViewMiddleware' is listed in your settings.py

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
)


Assuming you're on Django 1.2.x, just add this before {{form.as_p}}:

{% csrf_token %}

And to understand WHY, check out the CSRF docs
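
Why the steps in the answers above matter, as an added example (not part of the original answers and not Django's own code): a simplified, standard-library model of a double-submit check, in which a POST is accepted only when the hidden form field matches the CSRF cookie. The function names, the toy template and the reason strings are assumptions made for illustration.

```python
import hmac
import secrets

FORM_FIELD = "csrfmiddlewaretoken"  # hidden input name rendered by {% csrf_token %}
COOKIE_NAME = "csrftoken"           # Django's default CSRF cookie name


def render_form(context):
    """Toy template (hypothetical): the hidden input appears only when the
    context carries a token. RequestContext supplies one; a bare dict does not."""
    token = context.get("csrf_token", "")
    hidden = ""
    if token:
        hidden = '<input type="hidden" name="%s" value="%s">' % (FORM_FIELD, token)
    return '<form action="" method="post">%s</form>' % hidden, token


def check_post(cookies, post):
    """Simplified double-submit check. Returns (allowed, reason); the reason
    strings are illustrative, not Django's error messages."""
    cookie_token = cookies.get(COOKIE_NAME)
    if not cookie_token:
        return False, "no cookie"
    form_token = post.get(FORM_FIELD, "")
    if not form_token:
        return False, "no form token"
    # Constant-time comparison so the check does not leak how much matched.
    if not hmac.compare_digest(cookie_token, form_token):
        return False, "mismatch"
    return True, "ok"


def simulate(use_request_context):
    """GET renders the form, then the browser POSTs back what the form held."""
    token = secrets.token_hex(16)      # constructed sample token
    cookies = {COOKIE_NAME: token}     # assumption: the browser already holds the cookie
    context = {"csrf_token": token} if use_request_context else {}
    _html, submitted = render_form(context)
    post = {FORM_FIELD: submitted} if submitted else {}
    return check_post(cookies, post)


if __name__ == "__main__":
    print(simulate(use_request_context=True))   # form carried the token
    print(simulate(use_request_context=False))  # template had no token to render
```
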