hi, better use csrf for your application security.
it is easier to disable it, but security for your app what you will think
after it running later.
do it correctly now or later .
Rgds,
Mulianto
On Mon, Sep 24, 2012 at 2:56 PM, yati sagade <yati.sag...@gmail.com> wrote:
> Remove {% csrf_token %} from the form AND leave the csrf_exempt decorator
> as it is in the view. Everyone faces challenges while learning a new thing.
> The key is to face it head on and not to move to somewhere you think there
> will be no challenges :)
>
>
> On Mon, Sep 24, 2012 at 1:14 AM, puneet loya <puneetl...@gmail.com> wrote:
>
>> Hi
>>
>> I was trying to disable csrf . I am calling post using ajax.
>>
>> I have used the csrf token placed it below the form.
>>
>> In my views file i m using the csrf exempt.
>>
>> I am still getting the network forbidden error. :(
>>
>> If you require more information i will share it :)
>>
>> On Thursday, 19 August 2010 06:49:02 UTC+5:30, chenge wrote:
>>>
>>>
>>>
>>> On 8月18日, 上午4时29分, Rolando Espinoza La Fuente <dark...@gmail.com>
>>> wrote:
>>> > On Tue, Aug 17, 2010 at 8:01 AM, chenge <cheng...@gmail.com> wrote:
>>> > > I'm new to django. CSRF let me crazy!
>>> >
>>> > Can't use {% csrf_token %} tag inside your <form>'s?
>>> >
>>> > See csrf_exempt decorator:http://docs.**djangoproject.com/en/dev/ref/*
>>> *contrib/csrf/#exceptions<http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#exceptions>
>>> >
>>> > Regards,
>>> >
>>> > Rolando Espinoza La fuentewww.insophia.com
>>>
>>> Thanks, I decide try flask first, that seems simple. Maybe I'll try
>>> the exempt.
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msg/django-users/-/BQ5RpafQK3EJ.
>> To post to this group, send email to django-users@googlegroups.com.
>> To unsubscribe from this group, send email to
>> django-users+unsubscr...@googlegroups.com.
>> For more options, visit this group at
>> http://groups.google.com/group/django-users?hl=en.
>>
>
>
>
> --
> Yati Sagade
>
> Software Engineer at mquotient <http://www.mquotient.net/>
> <http://twitter.com/yati_itay>
>
> Twitter: @yati_itay <http://twitter.com/yati_itay> | Github:
> yati-sagade<https://github.com/yati-sagade>
>
> Organizing member of TEDx EasternMetropolitanBypass
> http://www.ted.com/tedx/events/4933
>
> https://www.facebook.com/pages/TEDx-EasternMetropolitanBypass/337763226244869
>
>
>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To post to this group, send email to django-users@googlegroups.com.
> To unsubscribe from this group, send email to
> django-users+unsubscr...@googlegroups.com.
> For more options, visit this group at
> http://groups.google.com/group/django-users?hl=en.
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
