Of course, JavaScript will be involved.  You can probably get the token
from the cookies, but you could also add code to your (first) template
to set a JS variable to the token.  Then, when you (on the client side)
get the form to display, you can insert the appropriate hidden element.

Bill

On Sun, Sep 2, 2012 at 5:06 PM, Robert Steckroth
<robertsteckr...@gmail.com> wrote:
> No actually the the template that renders the form is separate from
> the template that submits it.
> It is working with a @csrf_exempt on the processing view however. I
> guess I need a way to inform form processing view
> of the token it was given in the form serving view. I should be able
> to provide this with a caching or session variable.
> It was a pain in the rear, but the result is very professional. I am
> just gonna ignore it for now until it goes public.
>
>
> On Sun, Sep 2, 2012 at 1:16 AM, Melvyn Sopacua <m.r.sopa...@gmail.com> wrote:
>> On 2-9-2012 0:52, Robert Steckroth wrote:
>>
>>> The
>>> problem is that the contact form
>>> is provided by one view and processed by another. This, of course
>>> raises a CSRF token error in the posting
>>> submit.
>> I don't see the logic of this, unless by view you mean request. This is
>> also a bit confusing:
>>>  I have created a dynamic template loading system utilizing
>>> ajax inside the template.
>>
>> If by template you mean django template, then the above can not ever be
>> created. AJAX is incapable of generating server side code by design.
>> What is more likely, is that your template generates javascript that
>> fetches bits of HTML using other urls, that are then coupled to other
>> django templates and this gives a similar end result in which a page
>> consists of dynamic blocks akin to django's {% include %} tag.
>>
>> However, the execution flow is still that django provides the content
>> for the browser, so the contact form can have it's own CSRF token. Are
>> you providing that token in the template that renders the contact form?
>> --
>> Melvyn Sopacua
>>
>> --
>> You received this message because you are subscribed to the Google Groups 
>> "Django users" group.
>> To post to this group, send email to django-users@googlegroups.com.
>> To unsubscribe from this group, send email to 
>> django-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at 
>> http://groups.google.com/group/django-users?hl=en.
>>
>
>
>
> --
> Bust0ut, Surgemcgee: Systems Engineer ---
> surgemcgee.com
> BudTVNetwork.com
> RadioWeedShow.com
> "Bringing entertainment to Unix"
>
> --
> You received this message because you are subscribed to the Google Groups 
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to 
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at 
> http://groups.google.com/group/django-users?hl=en.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to 
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at 
http://groups.google.com/group/django-users?hl=en.

Reply via email to