From 9c53facc45908bc0593de194a60bc75e5d34a48e Mon Sep 17 00:00:00 2001 From: "B. J. Potter" Date: Thu, 2 Jun 2016 11:05:57 -0700 Subject: [PATCH] Fixed #26596 -- Added Jinja2 {{ csrf_input }} documentation. --- docs/ref/csrf.txt | 22 +++++++--------------- 1 file changed, 7 insertions(+), 15 deletions(-) diff --git a/docs/ref/csrf.txt b/docs/ref/csrf.txt index 332fd40afad..16290cbfb5e 100644 --- a/docs/ref/csrf.txt +++ b/docs/ref/csrf.txt @@ -148,24 +148,16 @@ If you're using AngularJS 1.1.3 and newer, it's sufficient to configure the $httpProvider.defaults.xsrfCookieName = 'csrftoken'; $httpProvider.defaults.xsrfHeaderName = 'X-CSRFToken'; -Other template engines ----------------------- +Using CSRF in Jinja2 templates +------------------------------ -When using a different template engine than Django's built-in engine, you can -set the token in your forms manually after making sure it's available in the -template context. +Django's :class:`~django.template.backends.jinja2.Jinja2` template backend +adds ``{{ csrf_input }}`` to the context of all templates which is equivalent +to ``{% csrf_token %}`` in the Django template language. For example: -For example, in the Jinja2 template language, your form could contain the -following: +.. code-block:: html+jinja -.. code-block:: html - -
- -
- -You can use JavaScript similar to the :ref:`AJAX code ` above to get -the value of the CSRF token. +
{{ csrf_input }} The decorator method --------------------