[Django] #24449: Link in debug information for csrf points to dead link

Thu, 05 Mar 2015 04:54:13 -0800 

#24449: Link in debug information for csrf points to dead link
-------------------------------+--------------------
     Reporter:  wimfeijen      |      Owner:  nobody
         Type:  Uncategorized  |     Status:  new
    Component:  Uncategorized  |    Version:  1.4
     Severity:  Normal         |   Keywords:
 Triage Stage:  Unreviewed     |  Has patch:  0
Easy pickings:  0              |      UI/UX:  0
-------------------------------+--------------------
 The link pointing to:
 https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ref-contrib-csrf
 gives a 404 Page Not Found error.

 Sometimes is going wrong with my csrf and I get the following error page,
 which contains the faulty link:

 Forbidden (403)
 CSRF verification failed. Request aborted.
 Help
 Reason given for failure:
 CSRF cookie not set.

 In general, this can occur when there is a genuine Cross Site Request
 Forgery, or when Django's CSRF mechanism has not been used correctly. For
 POST forms, you need to ensure:
 Your browser is accepting cookies.
 The view function uses RequestContext for the template, instead of
 Context.
 In the template, there is a {% csrf_token %} template tag inside each POST
 form that targets an internal URL.
 If you are not using CsrfViewMiddleware, then you must use csrf_protect on
 any views that use the csrf_token template tag, as well as those that
 accept the POST data.
 You're seeing the help section of this page because you have DEBUG = True
 in your Django settings file. Change that to False, and only the initial
 error message will be displayed.
 You can customize this page using the CSRF_FAILURE_VIEW setting.

--
Ticket URL: <https://code.djangoproject.com/ticket/24449>
Django <https://code.djangoproject.com/>
The Web framework for perfectionists with deadlines.

-- 
You received this message because you are subscribed to the Google Groups 
"Django updates" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-updates+unsubscr...@googlegroups.com.
To post to this group, send email to django-updates@googlegroups.com.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-updates/052.893118d9a0d25ed60ecddb84dc8afd03%40djangoproject.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to