Skip to main content

A signed Django form

Project description

A small library that provides a form class that signs a configurable set of hidden fields using django.core.signing.

The most common use case for such a form is when the view that handles the post differs from the view that sets up the form, but you need to pass some information from one view to the other, without evil hackers tampering with your precious data.


Subclass SignedForm, and define which fields should be signed:

from signedforms.forms import SignedForm

class MyForm(SignedForm):
    signed_fields = ['redirect_url',]

    redirect_url = forms.CharField(required=False, widget=forms.HiddenInput)

In the form that sets up the view, provide the data to be signed in the initial dictionary:

my_form = MyForm(initial={'redirect_url': self.request.path_info})

and in the view that handles the posted form:

def form_valid(self, form):
    # do some work
    return HttpResponseRedirect(form.cleaned_data['redirect_url'])

Project details

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

django-signedforms-0.2.tar.gz (4.0 kB view hashes)

Uploaded source

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page