Opened 8 years ago

Closed 8 years ago

Last modified 8 years ago

#26596 closed Bug (fixed)

Document {{ csrf_input }} in Jinja2 templates

Reported by: Aymeric Augustin Owned by: B. J. Potter
Component: Documentation Version: dev
Severity: Normal Keywords:
Cc: betojulio@… Triage Stage: Ready for checkin
Has patch: yes Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX: no

Description

It's the equivalent of {% csrf_token %} in Django templates.

It appears that I forgot to document it.

Attachments (1)

26596.diff (613 bytes ) - added by Alberto Julio Leal Rivera 8 years ago.
diff file

Download all attachments as: .zip

Change History (22)

comment:1 by Tim Graham, 8 years ago

There's a mention in the Jinja2 backend docs. Did you miss it or have another place in mind?

comment:2 by Aymeric Augustin, 8 years ago

I saw that mention but I don't think it's sufficiently explicit about how to use that variable.

We should say that:

  • {% csrf_token %} in Django templates translates to {{ csrf_input }} in Jinja2 templates
  • {{ csrf_token }} works identically in Django templates and in Jinja2 templates

comment:3 by Tim Graham, 8 years ago

Triage Stage: UnreviewedAccepted

comment:4 by Alberto Julio Leal Rivera, 8 years ago

Cc: betojulio@… added
Owner: changed from nobody to Alberto Julio Leal Rivera
Status: newassigned

by Alberto Julio Leal Rivera, 8 years ago

Attachment: 26596.diff added

diff file

comment:5 by Alberto Julio Leal Rivera, 8 years ago

Hi I just uploaded a diff file. Are this the changes needed?
Thanks

comment:6 by Aymeric Augustin, 8 years ago

I believe this information would be more discoverable in the CSRF reference documentation, either in the "How to use it" section or in a new section.

We should talk about:

  • the API offered by built-in template backends
  • requirements for third-party backends, as described in DEP 182 (basically they have to provide a solution, but that solution isn't specified)

This will likely require tweaking the content a bit to clarify that the main examples are specific to Django templates.

Last edited 8 years ago by Tim Graham (previous) (diff)

comment:7 by Alberto Julio Leal Rivera, 8 years ago

ok, I am working on it!

comment:8 by Alberto Julio Leal Rivera, 8 years ago

{% csrf_token %} in Django templates translates to {{ csrf_input }} in Jinja2 templates

This is already specified in https://docs.djangoproject.com/en/dev/ref/csrf/#other-template-engines

{{ csrf_token }} works identically in Django templates and in Jinja2 templates

Should I put another example in step # 2 in https://docs.djangoproject.com/en/dev/ref/csrf/#how-to-use-it ?, something like

<div style="display:none">
    <input type="hidden" name="csrfmiddlewaretoken" value="{{ csrf_token }}">
</div>

comment:9 by Aymeric Augustin, 8 years ago

The paragraph you just linked to only mentions {{ csrf_token }}, not {{ csrf_input }}.

It's precisely because it's incomplete that I filed this ticket.

comment:10 by Carl Meyer, 8 years ago

Owner: Alberto Julio Leal Rivera removed
Status: assignednew

Since it's been three weeks without a status update, I'm freeing this ticket up for claiming by a PyCon sprinter.

comment:11 by B. J. Potter, 8 years ago

Owner: set to B. J. Potter
Status: newassigned

comment:12 by Philip James, 8 years ago

Owner: changed from B. J. Potter to Philip James

comment:13 by Philip James, 8 years ago

Owner: Philip James removed
Status: assignednew

comment:14 by B. J. Potter, 8 years ago

Owner: set to B. J. Potter
Status: newassigned

comment:15 by B. J. Potter, 8 years ago

Has patch: set

comment:16 by Carl Meyer, 8 years ago

Patch needs improvement: set

comment:17 by B. J. Potter, 8 years ago

Patch needs improvement: unset

comment:18 by Carl Meyer, 8 years ago

Triage Stage: AcceptedReady for checkin

comment:19 by Tim Graham <timograham@…>, 8 years ago

Resolution: fixed
Status: assignedclosed

In 9c53facc:

Fixed #26596 -- Added Jinja2 {{ csrf_input }} documentation.

comment:20 by Tim Graham <timograham@…>, 8 years ago

In 926529d:

[1.10.x] Fixed #26596 -- Added Jinja2 {{ csrf_input }} documentation.

Backport of 9c53facc45908bc0593de194a60bc75e5d34a48e from master

comment:21 by Tim Graham <timograham@…>, 8 years ago

In 16ce7a51:

[1.9.x] Fixed #26596 -- Added Jinja2 {{ csrf_input }} documentation.

Backport of 9c53facc45908bc0593de194a60bc75e5d34a48e from master

Note: See TracTickets for help on using tickets.
Back to Top