Skip to content

HTTPS clone URL

Subversion checkout URL

You can clone with HTTPS or Subversion.

Download ZIP
Browse files

Fixed #12053 - form examples don't validate according to w3c

Thanks to skyl for the report.



git-svn-id: http://code.djangoproject.com/svn/django/trunk@12086 bcc190cf-cafb-0310-a4f2-bffc1f526a37
  • Loading branch information...
commit 48edb177edf04854999355dfdfe23fc6ee312d7b 1 parent 77e27e7
Luke Plant spookylukey authored
2  django/contrib/comments/templatetags/comments.py
View
@@ -306,7 +306,7 @@ def comment_form_target():
Example::
- <form action="{% comment_form_target %}" method="POST">
+ <form action="{% comment_form_target %}" method="post">
"""
return comments.get_form_target()
2  docs/ref/contrib/comments/example.txt
View
@@ -103,7 +103,7 @@ But let's look at a simple example::
<!-- A context variable called form is created with the necessary hidden
fields, timestamps and security hashes -->
<table>
- <form action="{% comment_form_target %}" method="POST">
+ <form action="{% comment_form_target %}" method="post">
{{ form }}
<tr>
<td></td>
4 docs/ref/contrib/comments/index.txt
View
@@ -218,7 +218,7 @@ you can use in the template::
A complete form might look like::
{% get_comment_form for event as form %}
- <form action="{% comment_form_target %}" method="POST">
+ <form action="{% comment_form_target %}" method="post">
{{ form }}
<tr>
<td></td>
@@ -239,7 +239,7 @@ You may have noticed that the above example uses another template tag --
form. This will always return the correct URL that comments should be posted to;
you'll always want to use it like above::
- <form action="{% comment_form_target %}" method="POST">
+ <form action="{% comment_form_target %}" method="post">
Redirecting after the comment post
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2  docs/ref/contrib/csrf.txt
View
@@ -49,7 +49,7 @@ To enable CSRF protection for your views, follow these steps:
2. In any template that uses a POST form, use the :ttag:`csrf_token` tag inside
the ``<form>`` element if the form is for an internal URL, e.g.::
- <form action="" method="POST">{% csrf_token %}
+ <form action="" method="post">{% csrf_token %}
This should not be done for POST forms that target external URLs, since
that would cause the CSRF token to be leaked, leading to a vulnerability.
4 docs/topics/forms/formsets.txt
View
@@ -355,7 +355,7 @@ The ``manage_articles.html`` template might look like this:
.. code-block:: html+django
- <form method="POST" action="">
+ <form method="post" action="">
{{ formset.management_form }}
<table>
{% for form in formset.forms %}
@@ -369,7 +369,7 @@ with the management form:
.. code-block:: html+django
- <form method="POST" action="">
+ <form method="post" action="">
<table>
{{ formset }}
</table>
14 docs/topics/forms/index.txt
View
@@ -172,7 +172,7 @@ Forms are designed to work with the Django template language. In the above
example, we passed our ``ContactForm`` instance to the template using the
context variable ``form``. Here's a simple example template::
- <form action="/contact/" method="POST">
+ <form action="/contact/" method="post">
{{ form.as_p }}
<input type="submit" value="Submit" />
</form>
@@ -183,7 +183,7 @@ The form only outputs its own fields; it is up to you to provide the surrounding
``form.as_p`` will output the form with each form field and accompanying label
wrapped in a paragraph. Here's the output for our example template::
- <form action="/contact/" method="POST">
+ <form action="/contact/" method="post">
<p><label for="id_subject">Subject:</label>
<input id="id_subject" type="text" name="subject" maxlength="100" /></p>
<p><label for="id_message">Message:</label>
@@ -211,7 +211,7 @@ If the default generated HTML is not to your taste, you can completely customize
the way a form is presented using the Django template language. Extending the
above example::
- <form action="/contact/" method="POST">
+ <form action="/contact/" method="post">
<div class="fieldWrapper">
{{ form.subject.errors }}
<label for="id_subject">E-mail subject:</label>
@@ -263,7 +263,7 @@ If you're using the same HTML for each of your form fields, you can reduce
duplicate code by looping through each field in turn using a ``{% for %}``
loop::
- <form action="/contact/" method="POST">
+ <form action="/contact/" method="post">
{% for field in form %}
<div class="fieldWrapper">
{{ field.errors }}
@@ -322,7 +322,7 @@ and visible fields independently: ``hidden_fields()`` and
``visible_fields()``. Here's a modification of an earlier example that uses
these two methods::
- <form action="/contact/" method="POST">
+ <form action="/contact/" method="post">
{% for field in form.visible_fields %}
<div class="fieldWrapper">
@@ -356,7 +356,7 @@ If your site uses the same rendering logic for forms in multiple places, you
can reduce duplication by saving the form's loop in a standalone template and
using the :ttag:`include` tag to reuse it in other templates::
- <form action="/contact/" method="POST">
+ <form action="/contact/" method="post">
{% include "form_snippet.html" %}
<p><input type="submit" value="Send message" /></p>
</form>
@@ -373,7 +373,7 @@ using the :ttag:`include` tag to reuse it in other templates::
If the form object passed to a template has a different name within the
context, you can alias it using the :ttag:`with` tag::
- <form action="/comments/add/" method="POST">
+ <form action="/comments/add/" method="post">
{% with comment_form as form %}
{% include "form_snippet.html" %}
{% endwith %}
8 docs/topics/forms/modelforms.txt
View
@@ -705,14 +705,14 @@ There are three ways to render a formset in a Django template.
First, you can let the formset do most of the work::
- <form method="POST" action="">
+ <form method="post" action="">
{{ formset }}
</form>
Second, you can manually render the formset, but let the form deal with
itself::
- <form method="POST" action="">
+ <form method="post" action="">
{{ formset.management_form }}
{% for form in formset.forms %}
{{ form }}
@@ -725,7 +725,7 @@ form as shown above. See the :ref:`management form documentation
Third, you can manually render each field::
- <form method="POST" action="">
+ <form method="post" action="">
{{ formset.management_form }}
{% for form in formset.forms %}
{% for field in form %}
@@ -738,7 +738,7 @@ If you opt to use this third method and you don't iterate over the fields with
a ``{% for %}`` loop, you'll need to render the primary key field. For example,
if you were rendering the ``name`` and ``age`` fields of a model::
- <form method="POST" action="">
+ <form method="post" action="">
{{ formset.management_form }}
{% for form in formset.forms %}
{{ form.id }}
2  tests/regressiontests/csrf_tests/tests.py
View
@@ -13,7 +13,7 @@
# Response/views used for CsrfResponseMiddleware and CsrfViewMiddleware tests
def post_form_response():
resp = HttpResponse(content="""
-<html><body><form method="POST"><input type="text" /></form></body></html>
+<html><body><form method="post"><input type="text" /></form></body></html>
""", mimetype="text/html")
return resp
Please sign in to comment.
Something went wrong with that request. Please try again.