Maybe decorate the view with @csrf_extempt and test it
like this:
---views.py---
from django.core.context_processors import csrf
from django.views.decorators.csrf import csrf_exempt
@csrf_exempt
def contact(request):
form = ContactForm()
...some wicked logic here ...
return render_to_response('contact.html', {
'form': form,
})
On Jan 21, 7:29 pm, scabbage <guans...@gmail.com> wrote:
> I tried the following:
>
> 1. Change everything to use POST
> 2. Do
> $ curl -d
> "name=Bob&csrfmiddlewaretoken=926ab8c4fca858fdf0c441784687d402"http://localhost:8000/demo/test/
>
> But I'm still getting the same CSRF error. Not sure why.
>
> Also, the token seems to stay the same after restarting the server. Is
> this expected?
>
> On Jan 20, 4:32 pm, Russell Keith-Magee <russ...@keith-magee.com>
> wrote:
>
> > On Fri, Jan 21, 2011 at 4:40 AM, scabbage <guans...@gmail.com> wrote:
> > > How do I include CSRF token in a curl request then? I use curl for
> > > debugging. Cannot seem to find any info on Google :(
>
> > The CSRF token is just a hidden field on your form. When you render
> > your template, the CSRF token will be included on the rendered page.
> > Include that token as part of your post data as you would any other
> > field value.
>
> > Yours,
> > Russ Magee %-)
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
