Skip to content
This repository

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse code

Fixed #15055 -- added information about (and an example of) the csrf_…

…token template tag to the forms documentation. Thanks to sneakyness for the report and bpeschier for the draft patch.

git-svn-id: http://code.djangoproject.com/svn/django/trunk@15445 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 0f50ef12bf795c20486e51785a5ba70a19825735 1 parent 1bac26b
authored February 07, 2011

Showing 1 changed file with 10 additions and 1 deletion. Show diff stats Hide diff stats

  1. 11  docs/topics/forms/index.txt
11  docs/topics/forms/index.txt
@@ -172,7 +172,7 @@ Forms are designed to work with the Django template language. In the above
172 172
 example, we passed our ``ContactForm`` instance to the template using the
173 173
 context variable ``form``. Here's a simple example template::
174 174
 
175  
-    <form action="/contact/" method="post">
  175
+    <form action="/contact/" method="post">{% csrf_token %}
176 176
     {{ form.as_p }}
177 177
     <input type="submit" value="Submit" />
178 178
     </form>
@@ -180,6 +180,15 @@ context variable ``form``. Here's a simple example template::
180 180
 The form only outputs its own fields; it is up to you to provide the surrounding
181 181
 ``<form>`` tags and the submit button.
182 182
 
  183
+.. admonition:: Forms and Cross Site Request Forgery protection
  184
+
  185
+   Django ships with an easy-to-use :doc:`protection against Cross Site Request
  186
+   Forgeries </ref/contrib/csrf>`. When submitting a form via POST with
  187
+   CSRF protection enabled you must use the :ttag:`csrf_token` template tag
  188
+   as in the preceding example. However, since CSRF protection is not
  189
+   directly tied to forms in templates, this tag is omitted from the
  190
+   following examples in this document.
  191
+
183 192
 ``form.as_p`` will output the form with each form field and accompanying label
184 193
 wrapped in a paragraph. Here's the output for our example template::
185 194
 

0 notes on commit 0f50ef1

Please sign in to comment.
Something went wrong with that request. Please try again.