问题
I've a problem with django csrf middleware... when I use the template tag csrf_token I get this output:
<div style='display:none'><input type='hidden' name='csrfmiddlewaretoken' value='6bda3605af31dd8595d2a67d0dda827b' /></div>
but I want this output (HTML not xHTML:
<div style='display:none'><input type='hidden' name='csrfmiddlewaretoken' value='6bda3605af31dd8595d2a67d0dda827b'></div>
I tryed to see the code in django.middleware.csrf.CsrfViewMiddleware but with no success :(
So, how can I change the output fo csrf_token tag?
tanks
回答1:
You have to go and edit django.template.defaulttags.py: At line 48 there is the output of the tag, and you may change it as you wish.
Please note that this is a development feature, and as such, subject to change - updating Django will likely remove your change!.
Also, please take the time to go look for a ticket about this particular problem: the solution I proposed will likely fix your problem, but I think that an “official” fix would be a lot nicer.
回答2:
Here is my fix to the problem.
{% with csrf_token as csrf_token_clean %}{{ csrf_token_clean }}{% endwith %}
In your template, this will return only the token key, so you can write your own valid HTML input tag, like this.
<input type="hidden" name="csrfmiddlewaretoken" value="{% with csrf_token as csrf_token_clean %}{{ csrf_token_clean }}{% endwith %}" >
Source: http://www.phptodjango.com/2010/07/django-csrftoken-template-tag-fix.html
回答3:
The solution is actually very simple:
<input type="hidden" name="csrfmiddlewaretoken" value="{{ csrf_token }}">
There is no point in {% with %} construct.
来源:https://stackoverflow.com/questions/2172252/csrf-middleware-change-csrf-token-output-from-xhtml-to-html