I have a partial view and I provide it on some url with:
url(r'^main.html$', PartialGroupView.as_view(template_name='main.html'), name='main')
I am trying to read that url elsewhere in the code with:
partial = urllib2.urlopen(partial_url).read()
And than I want to send it to the user like:
return HttpResponse(partial)
And everything is working fine, but the problem is that the page contains a csrf token and afterwards, when the user gets the page that is sent to him, he tries to submit a form, but when he does, an error is thrown, saying that the token is missing or incorrect. On step one, if I use only this method to send the view to the user, than the token is working correctly.
So is there any way to preserve that token when I read the page in this way? Or is there any other way to read the page without violating the csrf?
Personal solution:
In my case I decided that there would be a better approach to this and gave up on reading the html from a url. I just send the partial this way:
render(request, demanded_partial_name)
since it is available locally.
The simplest option is to make the view CSRF exempt, as seen here.
A most likely better idea is to check out this SO post. Basically, what you're doing is passing in a dictionary of parameters when you encode the url, and that dictionary will contain the csrf middleware token.