First time here? Check out the FAQ!

Revision history  [back]

Do your templates have {% csrf_token %} inside each <form>? I'd add them right after the <form> opening tag.

The template tag inserts a hidden field with a token to prevent cross site scripting.

edit maybe you have something missing in the settings.py? Sorry, somehow I assumed you've customized the skin and lost the csrf_tokens.

You'd need:

  • 'django.core.context_processors.csrf' in TEMPLATE_CONTEXT_PROCESSORS
  • CSRF_COOKIE_NAME - some string
  • CSRF_COOKIE_DOMAIN - your domain name - like 'example.com'

If CSRF_COOKIE_DOMAIN does not match yours, you'll see that error.

Do your templates have {% csrf_token %} inside each <form>? I'd add them right after the <form> opening tag.

The template tag inserts a hidden field with a token to prevent cross site scripting.

edit maybe you have something missing in the settings.py? Sorry, somehow I assumed you've customized the skin and lost the csrf_tokens.

You'd need:

  • 'django.core.context_processors.csrf' in TEMPLATE_CONTEXT_PROCESSORS
  • CSRF_COOKIE_NAME - some string
  • CSRF_COOKIE_DOMAIN - your domain name - like 'example.com'

If CSRF_COOKIE_DOMAIN does not match yours, you'll see that error.