1

I am getting "CSRF token missing or incorrect".

I already checked Stack Overflow for an answer and nothing worked; I double checked my sources and really don't know what I did wrong. It only works when I comment the MIDDLEWARE_CLASSES line with CsrfViewMiddleware, but I think is something that I never need to do.

Here are the pieces of code I think are relevant:

settings.py

MIDDLEWARE_CLASSES = (
 'django.middleware.common.CommonMiddleware',
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.middleware.csrf.CsrfResponseMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
)

views.py

from django.http import HttpResponseRedirect
from django.shortcuts import get_object_or_404, render_to_response
from django.template import RequestContext
from sitfin.models import Balanta, Conturi, BalantaForm, ConturiForm
from django.forms.formsets import formset_factory
def render_to_response(req,*args,**kwargs):
 kwargs['context_instance']=RequestContext(req)
 return render_to_response(*args,**kwargs)
def conturi_index(request):
 return render_to_response('sitfin/conturi_index.html',{'conturi_list':Conturi.objects.all()})
def conturi_introducere(request):
 ConturiFormSet=formset_factory(ConturiForm)
 if request.method=='POST':
 #form=ConturiForm(data=request.POST)
 formset=ConturiFormSet(request.POST, request.FILES)
 #if form.is_valid():
 if formset.is_valid():
 #new_entry=form.save()
 new_entry=formset.save()
 return HttpResponseRedirect("sitfin/conturiok")
 else:
 #form=ConturiForm()
 formset=ConturiFormSet()
 #return render_to_response('sitfin/conturi_introducere.html',{'form':form})
 return render_to_response('sitfin/conturi_introducere.html',{'formset':formset})

The template

<html>
<head>
 <meta http-equiv="content-type" content="text/html; charset=utf-8">
 <title>Conturi_introducere</title>
</head>
<body>
 <p>BAGA CONTURILE</p>
 <form action="" method="post">{% csrf_token %}
 {{ formset.management_form }}
 <!--<p><label for="id_cont">cont:</label>{{ form.cont }}</p>
 <p><label for="id_cont_debit">cont debit:</label>{{ form.cont_debit }}</p>
 <p><label for="id_cont_credit">cont credit:</label>{{ form.cont_credit }}</p>
 -->
 <table border="0">
 {% for form in formset %}
 {{ form }}
 {% endfor %}
 </table>
 <p><input type="submit" value="Submit"></p>
 </form>
</body>
</html>

What am i doing wrong?

Michael Mrozek
177k29 gold badges172 silver badges179 bronze badges
asked May 13, 2011 at 18:32
1
  • CSRF is validated with cookies. You do have those enabled on your browser right? Commented May 13, 2011 at 18:42

2 Answers 2

9

You need to make sure that you include the RequestContext in your response.

return render_to_response('sitfin/conturi_introducere.html',{'formset':formset},
context_instance=RequestContext(request))
answered May 13, 2011 at 18:42
Sign up to request clarification or add additional context in comments.

2 Comments

Thanks man! It works! I thought that the render_to_response wrapper in views.py would take care of that :)
Glad to hear it. There are times when you don't want to automatically include the context in the response, so it's generally good to have that level of control. That said, I believe you can use the direct_to_template generic view, instead of render_to_response, which will automatically include the context.
1

Also I would remove

'django.middleware.csrf.CsrfResponseMiddleware',

This is legacy and is being depreciated for security and performance issues.

Referece

answered May 13, 2011 at 18:44

1 Comment

I removed that. You're right, o read that is deprecated. Thanks you.

Your Answer

Draft saved
Draft discarded

Sign up or log in

Sign up using Google
Sign up using Email and Password

Post as a guest

Required, but never shown

Post as a guest

Required, but never shown

By clicking "Post Your Answer", you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.