General tips

  • Whenever you create a form that alters data server-side, use method=”post”.
  • You should always return an HttpResponseRedirect after successfully dealing with POST data.

Django tips

  • All POST forms that are targeted at internal URLs should use the {% csrf_token %} template tag.