working with forms , problem !!!

Dear All ,
am trying to make a form and i used an example from the book but its
not working , dont know why ?

this is what i have :

models.py :
from django.db import models
from django import forms

class ContactForm(forms.Form):
subject = forms.CharField(max_length=100)
message = forms.CharField()
sender = forms.EmailField()
cc_myself = forms.BooleanField(required=False)
------------------------------------------------------------------------------------------
views.py:
from django.shortcuts import render_to_response
from models import ContactForm
def contact(request):
if request.method == 'POST': # If the form has been submitted...
form = ContactForm(request.POST) # A form bound to the POST
data
if form.is_valid(): # All validation rules pass
# Process the data in form.cleaned_data
# ...
return HttpResponseRedirect('/thanks/') # Redirect after
POST
else:
form = ContactForm() # An unbound form

return render_to_response('contact.html', {
'form': form,
})
----------------------------------------------------------------------------------------------------
contact.html:

<form action="/contact/" method="post">{% csrf_token %}
{{ form.as_p }}
<input type="submit" value="Submit" />
</form>

i keep getting this :

Forbidden (403)

CSRF verification failed. Request aborted.
Help

Reason given for failure:

CSRF token missing or incorrect.

In general, this can occur when there is a genuine Cross Site Request
Forgery, or when Django's CSRF mechanism has not been used correctly.
For POST forms, you need to ensure:

The view function uses RequestContext for the template, instead of
Context.
In the template, there is a {% csrf_token %} template tag inside
each POST form that targets an internal URL.
If you are not using CsrfViewMiddleware, then you must use
csrf_protect on any views that use the csrf_token template tag, as
well as those that accept the POST data.

You're seeing the help section of this page because you have DEBUG =
True in your Django settings file. Change that to False, and only the
initial error message will be displayed.

You can customize this page using the CSRF_FAILURE_VIEW setting.

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.