[Django] CSRF Middleware - change csrf_token output (from xHTML to HTML)

Question

Hi! I've a problem with django csrf middleware... when I use the template tag csrf_token I get this output:

<div style='display:none'><input type='hidden' name='csrfmiddlewaretoken' value='6bda3605af31dd8595d2a67d0dda827b' /></div>

but I want this output (HTML not xHTML:

<div style='display:none'><input type='hidden' name='csrfmiddlewaretoken' value='6bda3605af31dd8595d2a67d0dda827b'></div>

I tryed to see the code in django.middleware.csrf.CsrfViewMiddleware but with no success :(

So, how can I change the output fo csrf_token tag?

tanks

Answer 1

You have to go and edit django.template.defaulttags.py: At line 48 there is the output of the tag, and you may change it as you wish.

Please note that this is a development feature, and as such, subject to change - updating Django will likely remove your change!.
Also, please take the time to go look for a ticket about this particular problem: the solution I proposed will likely fix your problem, but I think that an “official” fix would be a lot nicer.

Answer 2

Here is my fix to the problem.

{% with csrf_token as csrf_token_clean %}{{ csrf_token_clean }}{% endwith %}

In your template, this will return only the token key, so you can write your own valid HTML input tag, like this.

<input type="hidden" name="csrfmiddlewaretoken" value="{% with csrf_token as csrf_token_clean %}{{ csrf_token_clean }}{% endwith %}" >

Source: http://www.phptodjango.com/2010/07/django-csrftoken-template-tag-fix.html