Tay Ray Chuan home archive

inserting {% csrf_token %} in django templates

Thu, 10 Jun 2010 14:39:15 +0800 | Filed under django

Here's a quick script to append {% csrf_token %} at the end of the opening <form> tag across your html files:

$ grep -REli --include="*.html" "<form.+method[[:space:]]?=[[:space:]]?['\"]?post['\"]?" . \
| xargs sed -i -re "s|(<form.+method[^=]*=\W?post[^>]+>)|\1{% csrf_token %}|i"

For git users, you can use git-grep instead of recursing through blindly:

$ git grep -Eli "<form.+method[[:space:]]?=[[:space:]]?['\"]?post['\"]?" \
| grep html \
| xargs sed -i -re "s|(<form.+method[^=]*=\W?post[^>]+>)|\1{% csrf_token %}|i"

Note that we don't check if {% csrf_token %} has already been inserted. We also don't handle multi-line <form> tags.

blog comments powered by Disqus