Anonymous user
Boston Python Workshop/Saturday/Web app project: Difference between revisions
Boston Python Workshop/Saturday/Web app project (view source)
Revision as of 03:05, 14 March 2011
, 13 years ago→Write a simple form
imported>Ltwhite |
imported>Ltwhite |
||
Line 683:
* Since we're creating a POST form (which can have the effect of modifying data), we need to worry about Cross Site Request Forgeries. Thankfully, you don't have to worry too hard, because Django comes with a very easy-to-use system for protecting against it. In short, all POST forms that are targeted at internal URLs should use the {% csrf_token %} template tag.
The {% csrf_token %} tag requires information from the request object, which is not normally accessible from within the template context. To fix this, a small adjustment needs to be made to the detail view in the "views.py" file, so that it looks like the following:
<pre>
| |||