Hi, Despite my middleware being setup and calling the csrf token in my templates, the urls do not contain a randomly generated token - can anyone help - I have used this the exact same way <I believe> in other projects but cannot get this one to work.
Settings.py MIDDLEWARE = [ 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', 'django.middleware.csrf.CsrfViewMiddleware', #Csrf Middleware is added 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', ]
html template
<form method="POST" action="/update/{{ComicInput.id}}" novlaidate enctype="multipart/form-data">{%csrf_token%} <table class="table table-striped"> @login_required(login_url="/login/") def edit(request, id): record = ComicInput.objects.get(pk = id) form = editform(request.POST or None, request.FILES or None, instance=record) if request.user == record.uid: return render(request, 'app/edit.html',{'form':form,"ComicInput":record}) else: raise PermissionDenied # import it from django.core.exceptions {{form}} </table> <input type="submit" value="Update"/> | <a href="{% url 'ComicInventory' %}"> View Collection</a> </form>
view.py