It seems that there is no way to add data to the ckeditor boot data without editing the ckeditor source code. The source code to be changed is plugins / dialogui / plugin.js, around lines 1440 in ckeditor 3.6.2, where ckeditor creates the form used by the iframe to load.
// ADDED TO CKEDITOR CODE %< var csrfitems = document.getElementsByName("csrfmiddlewaretoken") var csrftoken = "" if(csrfitems.length > 0) csrftoken = csrfitems[0].value // >% END OF ADDED CODE if ( elementDefinition.size ) size = elementDefinition.size - ( CKEDITOR.env.ie ? 7 : 0 ); // "Browse" button is bigger in IE. frameDocument.$.write( [ '<html dir="' + langDir + '" lang="' + langCode + '"><head><title></title></head><body style="margin: 0; overflow: hidden; background: transparent;">', '<form enctype="multipart/form-data" method="POST" dir="' + langDir + '" lang="' + langCode + '" action="', CKEDITOR.tools.htmlEncode( elementDefinition.action ), '">', // ADDED TO CKEDITOR CODE '<input type="hidden" name="csrfmiddlewaretoken" value="',csrftoken,'"/>', // >% END OF ADDED CODE '<input type="file" name="', CKEDITOR.tools.htmlEncode( elementDefinition.id || 'cke_upload' ), '" size="', CKEDITOR.tools.htmlEncode( size > 0 ? size : "" ), '" />', '</form>',
And now we can safely load into ckeditor with django
source share