I have been checking the template that generates the form, and the
csrf_token is included on it, but when the page is renderized to html
the token does not appear.
Also I have tried to do this:
{% load comments %}
{% get_comment_form for project as cform %}
<form action="{% comment_form_target %}" method="post">
{% csrf_token %}
{{ cform.as_p }}
<td><input type="submit" name="preview" class="submit-post"
value="Preview"></td>
</form>
And the result is the same csfr error.
Thanks
On 6 ago, 10:12, Reinout van Rees <rein...@vanrees.org> wrote:
> On 08/06/2010 01:15 AM, ignacio.arriaga wrote:
>
>
>
> > Hello,
>
> > I have a problem with django.contrib comments application. I have
> > installed the applicacion and made the synchronization with the
> > database. I create a comment form in this way:
>
> > {% render_comment_form for project %}
>
> > When I push either preview or submit I get a 403 error related with
> > csrf protection. I have the Csrf middleware activated.
>
> > I am using django 1.2 with python 2.6.
>
> You're probably missing the csrf_token tag in your form.
>
> Fromhttp://docs.djangoproject.com/en/dev/ref/contrib/csrf/:
>
> In any template that uses a POST form, use the csrf_token tag
> inside the <form> element if the form is for an internal URL, e.g.:
>
> <form action="" method="post">{% csrf_token %}
>
> So just add that csrf_token tag and you're probably done.
>
> Reinout
>
> --
> Reinout van Rees - rein...@vanrees.org -http://reinout.vanrees.org
> Programmer athttp://www.nelen-schuurmans.nl
> "Military engineers build missiles. Civil engineers build targets"
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
