On Mon, Mar 14, 2011 at 10:57 AM, Chris Seberino <cseber...@gmail.com> wrote: > My Django app's html won't validate because CSRF middleware adds > hidden > tags like this... > > <input type='hidden' id='csrfmiddlewaretoken' > name='csrfmiddlewaretoken' value='ebcf3d41f32a70a209e27ef7fdf06d72' /> > > The only problem is the slash "/>" at the end. > > How make Django templates not automatically add hidden tags that won't > validate?
You have access to a context variable called "csrf_token", which just contains the actual token string. If you don't like the output of the {% csrf_token %} template tag, then just write it yourself in a template. The simplest way would be to put, in your template, some code like this: <div style='display:none'> <input type='hidden' name='csrfmiddlewaretoken' value='{{ csrf_token }}' > </div> (Note the '{{', '}}' delimiters, rather than '{%', '%}') A more complicated, but more reusable way to do it would be to write your own template tag (it's really simple, you can use the CSRF-token code in django/template/defaulttags.py as a starting point) which would render whatever markup you need. -- Regards, Ian Clelland <clell...@gmail.com> -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.