1
votes

I am trying to implement a form for advanced search in django templates using crispy forms. But when I search and get redirected to the results page, I have the csrf token in the URL.

http://127.0.0.1:8000/search/?csrfmiddlewaretoken=EjwC5ExYEy8A9j4X9zAqXKIXrKSiApvoUeQYXgr0ieUJmo0m69uJY2zCLFaWz8Xe&name=test_csc&room=&form_index=

I do have a POST form later in the index.html file that I use a csrf token with, but even if I remove all instances of {% csrf_token %} anywhere, the url still has the csrf token in it.

I do not explicitly mention anything to do with csrf in my views file.

The advanced search in index.html:

<form action="{% url 'app:search_results' %}" method="GET" id="form_index">
    <div class="form-group">
        {% crispy form_index %}
    </div>
</form>
<footer class="major">
    <ul class="actions special">
        <li><button type="submit" class="button" form="form_index" name="form_index">Search</button></li>
    </ul>
</footer>

I should mention that form_index is also used as a form to add something to the database. But I did create a separate form specifically for advanced search to test if it changed anything with the csrf in the url, and it didn't: it was still in the url with the separate form.

I have read the Django documentation concerning the csrf token. I haven't used {% csrf_token %} with a GET request. I have looked at and tried the answers to "Avoid CSRF token in URLS", "django csrf_token in search result url" and "Using GET in a Django Form", which didn't solve my problem.

How do I fix this?


1 Answers

1
votes

Answering my own question here in case someone has the same problem in the future...

In the crispy form documentation there's a disable_csrf = False heading. All of my crispy logic and layout is in the __init__() function in the forms.py file. I just added self.helper.disable_csrf = True like so:

from crispy_forms.helper import FormHelper
from django import forms

class SearchForm(forms.Form):  # class name assumed; the post does not show it
    def __init__(self, *args, **kwargs):
        super().__init__(*args, **kwargs)
        self.helper = FormHelper()
        self.helper.disable_csrf = True  # keep {% csrf_token %} out of the GET form

This fixed my issue.
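A leaked token like the one in the question's URL is the thing worth catching elsewhere too: Django's CSRF middleware only reads the token from the POST body or the X-CSRFToken header, never from the query string, so a token in a GET URL does no good and ends up in access logs, browser history and Referer headers. The following is an added example, not code from the question, the answer or crispy-forms: it scans constructed access-log lines for CSRF tokens in query strings and produces a redacted URL for each hit (the `SENSITIVE_PARAMS` names and the `SAMPLE_LOG` lines are constructed for this example).

```python
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Query-string parameter names that should never appear in a URL (constructed list).
SENSITIVE_PARAMS = {"csrfmiddlewaretoken", "csrftoken"}

# Constructed access-log lines in the shape "METHOD PATH STATUS"; the token
# value is a placeholder, not a real Django token.
SAMPLE_LOG = """\
GET /search/?csrfmiddlewaretoken=EXAMPLE-TOKEN-0123&name=test_csc&room= 200
GET /search/?name=test_csc&room= 200
POST /add/ 302
"""


def leaked_params(url: str) -> dict:
    """Return {name: value} for every sensitive parameter in the URL's query string."""
    query = urlsplit(url).query
    return {k: v for k, v in parse_qsl(query, keep_blank_values=True)
            if k.lower() in SENSITIVE_PARAMS}


def redact_url(url: str) -> str:
    """Replace the value of each sensitive query parameter with REDACTED,
    keeping the other parameters (including blank ones) in their original order."""
    parts = urlsplit(url)
    pairs = [(k, "REDACTED" if k.lower() in SENSITIVE_PARAMS else v)
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    return urlunsplit(parts._replace(query=urlencode(pairs)))


def scan_log(text: str) -> list:
    """Return (line_no, param_name, redacted_url) for each leaked token in the log.
    A line with fewer than two fields is not a request line and is skipped."""
    hits = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        fields = line.split()
        if len(fields) < 2:
            continue
        url = fields[1]
        for name in leaked_params(url):
            hits.append((line_no, name, redact_url(url)))
    return hits


if __name__ == "__main__":
    for line_no, name, redacted in scan_log(SAMPLE_LOG):
        print(f"line {line_no}: {name} leaked in query string -> {redacted}")
```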