Skip to main content
This is a pre-production deployment of Warehouse. Changes made here affect the production instance of PyPI (
Help us improve Python packaging - Donate today!

A signed Django form

Project Description

A small library that provides a form class that signs a configurable set of hidden fields using django.core.signing.

The most common use case for such a form is when the view that handles the post differs from the view that sets up the form, but you need to pass some information from one view to the other, without evil hackers tampering with your precious data.


Subclass SignedForm, and define which fields should be signed:

from signedforms.forms import SignedForm

class MyForm(SignedForm):
    signed_fields = ['redirect_url',]

    redirect_url = forms.CharField(required=False, widget=forms.HiddenInput)

In the form that sets up the view, provide the data to be signed in the initial dictionary:

my_form = MyForm(initial={'redirect_url': self.request.path_info})

and in the view that handles the posted form:

def form_valid(self, form):
    # do some work
    return HttpResponseRedirect(form.cleaned_data['redirect_url'])


If the user tampered with the hidden data, the form will not validate.


Only fields that contain JSON-serializable data can be signed. This includes all fields that are represented as text in the database, but not datetimes and other more “complex” types.

Release History

This version
History Node


History Node


Download Files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Filename, Size & Hash SHA256 Hash Help File Type Python Version Upload Date
(4.0 kB) Copy SHA256 Hash SHA256
Source None May 13, 2013

Supported By

Elastic Elastic Search Pingdom Pingdom Monitoring Dyn Dyn DNS Sentry Sentry Error Logging CloudAMQP CloudAMQP RabbitMQ Heroku Heroku PaaS Kabu Creative Kabu Creative UX & Design Fastly Fastly CDN DigiCert DigiCert EV Certificate Google Google Cloud Servers DreamHost DreamHost Log Hosting