Ticket #16704: 16704.diff

File 16704.diff, 837 bytes (added by paulcwatts, 13 years ago)

  • docs/ref/contrib/csrf.txt

     
    146146:ttag:`csrf_token`, you may need to ensure the client receives the cookie by
    147147using :func:`~django.views.decorators.csrf.ensure_csrf_cookie`.
    148148
     149Other template engines
     150----------------------
     151
     152When using a different template engine such as Cheetah, you can manually set
     153the token in your forms as follows:
     154
     155.. code-block:: html
     156
     157    <div style="display:none">
     158        <input type="hidden" name="csrfmiddlewaretoken" value="$csrf_token"/>
     159    </div>
     160
     161You may use javascript similar to the :ref:`AJAX code <csrf-ajax>` above to
     162get the value of the CSRF token.
     163
    149164The decorator method
    150165--------------------
    151166
Back to Top