Do you have 'django.middleware.csrf.CsrfViewMiddleware' specified in your settings?
On Sep 28, 2:55 pm, Saad Sharif <myscotlandproj...@gmail.com> wrote: > Hi all, > I want to create a simple login form in django..Please > help I am a complete beginner > > My Code: > <form method="post" action="/login/" ENCTYPE="multipart/form-data" > dojoType="dijit.form.Form" >{% csrf_token %} > username <input> > password <input type="password"> > <button> login <input type="submit" value="Submit"> > </form> > > Error Message (when I press login button) : > > Forbidden (403) > > CSRF verification failed. Request aborted. > Help > > Reason given for failure: CSRF token missing or incorrect. > > In general, this can occur when there is a genuine Cross Site Request > Forgery, or when Django's CSRF mechanism has not been used correctly. > For POST forms, you need to ensure: > > * The view function uses RequestContext for the template, instead > of Context. > * In the template, there is a {% csrf_token %} template tag inside > each POST form that targets an internal URL. > * If you are not using CsrfViewMiddleware, then you must use > csrf_protect on any views that use the csrf_token template tag, as > well as those that accept the POST data. > > You're seeing the help section of this page because you have DEBUG = > True in your Django settings file. Change that to False, and only the > initial error message will be displayed. > > You can customize this page using the CSRF_FAILURE_VIEW setting." > > Please help me out -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.