About CSRF Cookie on Any Page

By default, CSRF cookie is only passed to the Django views which render CSRF token. To ensure that it is used on any specific page, for instance, a template view that has some forms rendered by JavaScript, use the @ensure_csrf_cookie decorator:

from django.shortcuts import render
from django.views.decorators.csrf import ensure_csrf_cookie

@ensure_csrf_cookie
def index(request):
    return render(request, "index.html")

Tips and Tricks Programming Development Security Django 5.2 Django 4.2 Cookies

Share
on X
Share
on Facebook
Share
on LinkedIn

Also by me

Django Paddle Subscriptions app

For Django-based SaaS projects.

Django App for You

Django GDPR Cookie Consent app

For Django websites that use cookies.

Django App for You

Book for You

Django 3 Web Development Cookbook

Learn how to build practical web projects with Django 3.

SaaS for You

Online prioritizer "1st things 1st"

It's not for everyone, but it might be for you!