Re: CSRF token not adding hidden form field

On Thu, Jun 10, 2010 at 11:08, joelklabo <joelklabo@gmail.com> wrote:
> MIDDLEWARE_CLASSES = (
>    'django.middleware.common.CommonMiddleware',
>    'django.contrib.sessions.middleware.SessionMiddleware',
>    'django.middleware.csrf.CsrfViewMiddleware',
>    'django.contrib.auth.middleware.AuthenticationMiddleware',
>    'django.contrib.messages.middleware.MessageMiddleware',
> )
>

Can you add 'django.middleware.csrf.CsrfResponseMiddleware',
after CsrfViewMiddleware above?

The docs [1] say that this is only required in the legacy method, but
{% csrf_token %} doesn't work for me without the
CsrfResponseMiddleware. Dunno if something is broken somewhere or did
I misread the steps involved.

The docs also say "Use of the CsrfResponseMiddleware is not
recommended ..." so it would be nice if someone else can fix your
problem, but can you please try this and see if it works?

[1] http://docs.djangoproject.com/en/dev/ref/contrib/csrf/

--
http://roshan.mathews.in/

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.