
Using Get In A Django Form

I have a question regarding Django Forms and GET. I have a form to download student scores in CSV format. The fields are name and year, so I have a forms.py StudentDownloadForm(forms

Solution 1:

According to Django documentation (Cross Site Request Forgery protection):

For all incoming requests that are not using HTTP GET, HEAD, OPTIONS or TRACE, a CSRF cookie must be present, and the ‘csrfmiddlewaretoken’ field must be present and correct. If it isn’t, the user will get a 403 error.

And:

It deliberately ignores GET requests (and other requests that are defined as ‘safe’ by RFC 2616). These requests ought never to have any potentially dangerous side effects, and so a CSRF attack with a GET request ought to be harmless. RFC 2616 defines POST, PUT and DELETE as ‘unsafe’, and all other methods are assumed to be unsafe, for maximum protection.

So, you can omit the CSRF token for GET requests.
