Disable CSRF Verification in Django Class-Based View

While working on a Django web app, I had to disable CSRF protection in a view. The goal was that our API was accepting data from another part of our website and we needed to skip the CSRF protection just for that one page.

There are two great answers on how to do this on StackOverflow:

  1. How to disable Django’s CSRF validation?
  2. How can I disable Django’s CSRF protection only in certain cases?

And nice documentation for Django Rest Framework on disabling CSRF for AJAX calls.

The answer is basically to use the csrf_exempt as a function that wraps the class-based view’s .as_view call and to do this in the urls.py routing file.

For example,


will become


Author: Rudolf Olah

Rudolf Olah is a software development expert with over 6 years of professional software developer experience. He has produced the video course Learning AngularJS Testing for PacktPublishing and works on the strategic as well as the tactical parts of software and web devleopment.

Leave a Reply and Share Your Thoughts