Django Forbidden (CSRF token missing.)

I am facing a problem to submit a text in Django. When I click Insert, the message Forbidden (CSRF token missing.): appears. Can somebody help me?

I put the CSRF token in the html file, but still no working. I do not know if the csrf is in the wrong part of the code or not.

csrf_token %} load crispy_forms_tags %}

Modal Header --> Show gabarit ×

Modal body --> {{commande}}

if formset %} Variables endif %}

          <div id="modal" style="display:none;">
              <div id="variables-container"></div>
              <button class="mb-2 btn btn-outline-secondary mr-2" 

id="insert-button" type="button" onclick="closeModal()">Insérer

        <div id='result'></div>

    </div>


 </div>

</div>


<script>

function openModal() { var inputText = document.getElementById("input-text").value; var variableNames = inputText.match(/{(.*?)}/g); var variablesContainer = document.getElementById("variables-container"); variablesContainer.innerHTML = ""; for (var i = 0; i < variableNames.length; i++) { var variableName = variableNames[i].slice(1, -1); variablesContainer.innerHTML += "" + variableName + ":"; } document.getElementById("modal").style.display = "block"; }

function closeModal() { var inputText = document.getElementById("input-text").value; var variableNames = inputText.match(/{(.*?)}/g); for (var i = 0; i < variableNames.length; i++) { var variableName = variableNames[i].slice(1, -1); var variableValue = document.getElementById("variable-"+ variableName).value; inputText = inputText.replace(variableNames[i], variableValue); } document.getElementById("input-text").value = inputText; document.getElementById("modal").style.display = "none"; document.getElementById("variables-button").style.display = "none";

var xhr = new XMLHttpRequest(); xhr.open("POST", "{% url 'gabarits:save-variables-text' %}", true); xhr.setRequestHeader("Content-Type", "application/x-www-form-urlencoded"); xhr.onreadystatechange = function() { if (xhr.readyState === XMLHttpRequest.DONE && xhr.status === 200) { console.log("Input text saved successfully."); }

      };

xhr.send("text=" + inputText); }

Back to Top