Django Dynamic Formset JQuery Library

I spent a while searching for a code snippet that would allow the user to dynamically add fields to a form. For instance, if you want to enter several individual items, but don’t know in advance how many…

The perfect snippet eventually led me to a full-fledged jQuery library, for JavaScript over Django. Check it out!

Django Book Tutorial doesn’t work – CSRF error

Hi,

If you’ve been working your way through the Django Book tutorial, you may have run into a spot of trouble with the form chapter. Even though I had basically cut and pasted in the chapter code, I kept getting a CSRF Verification Failed error, which was definitely not listed in the book.

We don't like this.

CSRF stands for Cross-Site Request Forgery, a type of attack against your web site. It occurs when a malicious web site contains a link, a form button or some JavaScript that is intended to perform some action on your web site, using the credentials of a logged-in user who visits the malicious site in their browser. CSRF protection in Django is meant to prevent just that, which is why we get an error if we haven’t properly secured our forms. It seems to have been enforced in newer versions of Django, but the online book has still not been updated.

The problem can be solved as follows:

  1. Add the middleware 'django.middleware.csrf.CsrfViewMiddleware' to your list of middleware classes, MIDDLEWARE_CLASSES.
  2. In any template that uses a POST form, use the csrf_token tag inside the form element:

         <form action="" method="post">
             {% csrf_token %}
             <table>
                 {{ form.as_table }}
             </table>
             <input type="submit" value="Submit">
         </form>

  3. Instead of using a plain Context to render your forms, use a RequestContext in views.py. The code looks like this:

         from django.shortcuts import render_to_response
         from django.template import RequestContext
         ...
         def contact(request):
             ...
             initialData = {'form': form}
             # RequestContext is what makes the token available to {% csrf_token %}
             return render_to_response('contact_form.html', initialData,
                                       context_instance=RequestContext(request))

The RequestContext contains a CSRF token which is necessary to prevent this error. Completing these steps should resolve the problem! 🙂