2👍
✅
You need to use CSRF on the view that’s generating the form in the first place as well. Mostly, people use the same view for that and for processing the POST: for some reason, you’ve split them up into two, which is fine if you really want to but you must use the render (or RequestContext, or whatever) on the GET view too, because that’s responsible for generating and outputting the token that’s then checked in the POST.
So, your index view should just be:
def index(request):
return render(request, 'note/index.html', {'Name':"Guys"})
Source:stackexchange.com