csrf_token Tag

Utility Most Useful

Documentation

The {% csrf_token %} tag must be included in all Django forms.

This will generate a hidden input in the form like this:

<input type="hidden" name="csrfmiddlewaretoken" value="ogCnWDqYM5XnnkQWaVz49uLeEj5qYYh3RGTnMEAKy3zYsiWZx4PNoCm2ata02pjR">

This value will be checked using Django’s built-in middleware to protect against cross site request forgery.

Commentary

Use it.


Did we get something wrong? Is there a use case for the csrf_token tag that we should add? Please let us know.

Send Feedback

Official Documentation
This page last updated on April 14, 2020, 4:54 p.m. EST