Hide csrf token in get method in the django

Question

How can I hide the CSRF token from the get method in the Django? When we call the get method then only the parameters need to visible in the browser URL rather than the CSRF token.

score 7 · Answer 1 · answered Dec 19 '18 at 10:19

7

The CSRF protection ignores GET requests (see how it works). Therefore you can simply remove {% csrf_token%} from the form in your template.

<form method="get" action=".">
  {% csrf_token %}<!-- remove this line -->
  {{ form }}
</form>

answered Dec 19 '18 at 10:19

Alasdair

298,606
55
578
516

score 4 · Answer 2 · answered Dec 19 '18 at 10:20

4

Remove {% csrf_token %} from your form in the template, you don't need it since you're making a GET request.

answered Dec 19 '18 at 10:20

ans2human

2,300
1
14
29

Hide csrf token in get method in the django

2 Answers2