开发者

How to add a csrf_token to a dynamically generated form?

开发者 https://www.devze.com 2023-02-22 16:26 出处:网络
I have a dynamically generated form but I can\'t do anything with it since Django required a csrf_token in every POST form.

I have a dynamically generated form but I can't do anything with it since Django required a csrf_token in every POST form.

My form is generated via:

$("#results").append(
  '<form class="form-book-add" id="{0}" method="post" action="/books/add/">'
  // Django requires a CSRF token here. How do I add it via Javascript?
  + '<input type="hidden" id="book-asin" value="'+asin+'"/>'
  + '<input type="hidden" id="book-title" value="'+details['title']+'"/>'
  + '<input type="hidden" id="book-author" value="'+details['author']+'"/>'
  + '<input type="hidden" id="book-cover" value="'+details['cover']+'"/>'
  + '<input type="hidden" id="book-url" value="'+details['url']+'"/>'
  + '<input type="hidden" id="book-isbn" value="'+details['isbn']+'"/>'
  + '<input type="submit" id="btn-book-add" value="Ad开发者_如何转开发d"/>'
  + '</form></div>'.format(i)
);


you have 2 options, first exclude csrf verification for the view - easiest, unsecure.

second, set input of csrfmiddlewaretoken to the value from the cookie csrftoken.

django docs has a nice example of something similar (from that example you will need just the part which extracts cookie value).

0

精彩评论

暂无评论...
验证码 换一张
取 消

关注公众号