What should the XML look like? On Jul 6, 12:03 pm, Nikolas Stevenson-Molnar <nik.mol...@consbio.org> wrote: > Perhaps it's expecting XML in the request and trying to parse your POST data > (which is not XML)? > > _Nik > > On Jul 6, 2012, at 6:03 AM, Jeff Silverman wrote: > > > > > Ok Nik. I have removed the CSRF middleware and get a brand new error. > > > XMLSyntaxError at /hello/ > > error parsing attribute name, line 1, column 6Request Method: POST > > Request URL:http://piadm42.troweprice.com:5555/hello/ > > Django Version: 1.3.1 > > Exception Type: XMLSyntaxError > > Exception Value: error parsing attribute name, line 1, column 6 > > Exception Location: /usr/lib/python2.6/site-packages/ > > soaplib-2.0.0_beta1-py2.6.egg/soaplib/core/_base.py in > > _parse_xml_string, line 248 > > Python Executable: /usr/bin/python > > Python Version: 2.6.6 > > > The POST in fiddler is something like this -> http://mysite.com:5555/hello/ > > and the request body contains -> <name=fred×=2> > > > On Jul 5, 10:35 pm, Nikolas Stevenson-Molnar <nik.mol...@consbio.org> > > wrote: > >> Yes, I would expect a 403 when the CSRF middleware is active, the > >> decorator is not used, and no CSRF token is provided. This is the > >> intended behavior. You can fix this in a few ways: > > >> 1. Apply the decorator to the __call__ method (rather than to the class > >> itself). If I understand how this code works, that should correctly > >> disable CSRF for the view. > >> 2. Provide a CSRF value with the POST data, as you suggested. This all > >> depends on how the request is made. Django's CSRF system relies on a > >> CSRF value set in a cookie. You have to mimic a browsers cookie > >> functionality, then use the value of the CSRF cookie with evey > >> request you make. By default, the cookie name is 'csrftoken'. For > >> more info on the CSRF process: > >> https://docs.djangoproject.com/en/1.4/ref/contrib/csrf/ > >> 3. Disable CSRF altogether. Simply remove the CsrfViewMiddleware from > >> your settings and you're good to go. > > >> _Nik > > >> On 7/5/2012 6:22 PM, Jeff Silverman wrote: > > >>> Nik, if I remove the csrf decorator and leave the middleware in place, > >>> I get the 403. Is there a way to add the token on the POST command, > >>> or is there another way of leaving the middleware in place, but turn > >>> off csrf without using the decorator? > > >>> On Thursday, July 5, 2012 8:33:51 PM UTC-4, Jeff Silverman wrote: > > >>> Nik, I will give that a try. The reason for the decorator was > >>> that I was getting 403 forbidden, and the decorator made that one > >>> go away. If I remove the csrf from the settings file, will that > >>> solve that problem? > > >>> On Tuesday, July 3, 2012 9:32:20 AM UTC-4, Jeff Silverman wrote: > > >>> Below is the code from the views.py > > >>> The405is retunred from the 'return super(DjangoSoapApp, > >>> self).__init__(Application(services, tns))' statement. I am > >>> using > >>> python 2.6, soaplib20 and django 1.3. I am struggling to > >>> understand > >>> what exactly is wrong here. > > >>> class HelloWorldService(DefinitionBase): > >>> @soap(String,Integer,_returns=Array(String)) > >>> def say_smello(self,name,times): > >>> results = [] > >>> for i in range(0,times): > >>> results.append('Hello, %s'%name) > >>> return results > > >>> class DjangoSoapApp(WSGIApplication): > >>> csrf_exempt = True > > >>> def __init__(self, services, tns): > >>> """Create Django view for given SOAP soaplib services and > >>> tns""" > > >>> return super(DjangoSoapApp, > >>> self).__init__(Application(services, tns)) > > >>> def __call__(self, request): > >>> django_response = HttpResponse() > > >>> def start_response(status, headers): > >>> django_response.status_code = int(status.split(' > >>> ', 1)[0]) > >>> for header, value in headers: > >>> django_response[header] = value > > >>> response = super(DjangoSoapApp, > >>> self).__call__(request.META, > >>> start_response) > >>> django_response.content = '\n'.join(response) > > >>> return django_response > > >>> # the view to use in urls.py > >>> hello_world_service = DjangoSoapApp([HelloWorldService], > >>> '__name__') > > >>> -- > >>> You received this message because you are subscribed to the Google > >>> Groups "Django users" group. > >>> To view this discussion on the web visit > >>>https://groups.google.com/d/msg/django-users/-/WpDQ4UjGEQwJ. > >>> To post to this group, send email to django-users@googlegroups.com. > >>> To unsubscribe from this group, send email to > >>> django-users+unsubscr...@googlegroups.com. > >>> For more options, visit this group at > >>>http://groups.google.com/group/django-users?hl=en.-Hide quoted text - > > >> - Show quoted text - > > > -- > > You received this message because you are subscribed to the Google Groups > > "Django users" group. > > To post to this group, send email to django-users@googlegroups.com. > > To unsubscribe from this group, send email to > > django-users+unsubscr...@googlegroups.com. > > For more options, visit this group > > athttp://groups.google.com/group/django-users?hl=en.- Hide quoted text - > > - Show quoted text -
-- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
