It's possible that the CSRF token isn't being sent correctly. As a test,
try adding the @csrf_exempt decorator to your view. If you no longer get
the 403, then it's a CSRF problem.
_Nik
On 10/24/2012 6:31 AM, Stone wrote:
> My Django application is running on real server (apache2-2.2.22).
> In urls.py is mentioned:
> (r'^configSave/$', configSave),
>
> My HTML is bellow. After pressing on configSave I am receiving HTTP
> 403 error page.
>
> In view.py is mentioned:
> def configSave(request):
> configFile={}
> if os.path.isfile(SSO_CONF) != False:
> f = open(SSO_CONF,"r")
> for line in f:
> line = line.strip()
> if re.search('^#',line) != None:
> '''print 'This is the commentary'''
> else:
> '''print line'''
> try:
> name, value = line.split('=',2)
> configFile[name]=value
> print '<%s>%s</%s>' % (name, value,
> name)
> except ValueError, err:
> ''' print 'This is empty row'''
> configFile['SlaveDeactAppl']=configFile['SlaveDeactAppl'].split(',');
>
> configFile['SlaveDeactScripts']=configFile['SlaveDeactScripts'].split(',');
> configFile={}
> if os.path.isfile(SSO_CONF) != False:
> f = open(SSO_CONF,"r")
> for line in f:
> line = line.strip()
> if re.search('^#',line) != None:
> '''print 'This is the commentary'''
> else:
> '''print line'''
> try:
> name, value = line.split('=',2)
> configFile[name]=value
> print '<%s>%s</%s>' % (name, value,
> name)
> except ValueError, err:
> ''' print 'This is empty row'''
> configFile['SlaveDeactAppl']=configFile['SlaveDeactAppl'].split(',');
>
> configFile['SlaveDeactScripts']=configFile['SlaveDeactScripts'].split(',');
> c = {}
> c = Context({
> 'config':configFile,
> 'item':2,
> })
> c.update(csrf(request))
> return
> render_to_response('config.html',c,context_instance=RequestContext(request))
>
> By the way how to really fast define logging mechanism which can be
> use for debugging.
>
> Is this my programmer approach corrector is there any other way how to
> react on the pressing of button?
>
> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://
> www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
> {% extends "index.html" %}
> {% block content %}
> <html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/
> xhtml">
> <script type="text/javascript">
> top.helpID="SSO_config";
> $(document).ready(function () {
>
> function sendAjax()
> {
> $(document).ajaxSend(function(event, xhr, settings) {
> function getCookie(name) {
> var cookieValue = null;
> if (document.cookie && document.cookie != '') {
> var cookies = document.cookie.split(';');
> for (var i = 0; i < cookies.length; i++) {
> var cookie = jQuery.trim(cookies[i]);
> if (cookie.substring(0, name.length + 1) == (name
> + '=')) {
> cookieValue =
> decodeURIComponent(cookie.substring(name.length + 1));
> break;
> }
> }
> }
> return cookieValue;
> }
> function sameOrigin(url) {
> var host = document.location.host; // host + port
> var protocol = document.location.protocol;
> var sr_origin = '//' + host;
> var origin = protocol + sr_origin;
> // Allow absolute or scheme relative URLs to same origin
> return (url == origin || url.slice(0, origin.length + 1)
> == origin + '/') ||
> (url == sr_origin || url.slice(0, sr_origin.length +
> 1) == sr_origin + '/') ||
> !(/^(\/\/|http:|https:).*/.test(url));
> }
> function safeMethod(method) {
> return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
> }
> if (!safeMethod(settings.type) && sameOrigin(settings.url)) {
> xhr.setRequestHeader("X-CSRFToken",
> getCookie('csrftoken'));
> }
> });
> }
>
> $("#saveCfg").click(function(event){
>
> sendAjax();
> $.ajax({
> type: "POST",
> url: "/SSO/configSave/",
> dataType: "text",
> success: function(data) {
> alert(data);
> },
> error: function(xhr,ajaxOptions,thrownError) {
> alert(xhr.status +" "+xhr.statusText);
> alert(thrownError);
> }
> });
> });
>
>
> });
> </script>
>
> <body class="bodyClass">
> <table class="body_table">
> <tr>
> <th colspan="4" class="thead"><b> IP configuration</b></
> th>
> </tr>
> <tr>
> <td>Master IP address</td>
> <td>
> <input id="mip" style="width: 100px;"
> value="{{config.MasterIPAddress}}"/>
> </td>
> <td>Slave IP address</td>
> <td>
> <input id="sip" style="width: 100px;"
> value="{{config.SlaveIPAddress}}"/>
> </td>
> </tr>
> <tr>
> <td>Master netmask</td>
> <td>
> <input id="mnetmask" style="width: 100px;"
> value="{{config.MasterIPNetmask}}"/>
> </td>
> <td>Slave netmask</td>
> <td>
> <input id="snetmask" style="width: 100px;"
> value="{{config.SlaveIPNetmask}}"/>
> </td>
> </tr>
> <tr>
> <td>Master broadcast</td>
> <td>
> <input id="mbroadcast" style="width: 100px;"
> value="{{config.MasterIPBroadcast}}"/>
> </td>
> <td>Slave broadcast</td>
> <td>
> <input id="sbroadcast" style="width: 100px;"
> value="{{config.SlaveIPBroadcast}}"/>
> </td>
> </tr>
> <tr>
> <td></td>
> <td></td>
> <td></td>
> <td></td>
> </tr>
> <tr>
> <td>Lancard name</td>
> <td><span id="cardname"></span>{{config.LanCardName}}</td>
> <td>MAC address</td>
> <td><input id="cardmac" value="{{config.LanCardMAC}}"/></td>
> </tr>
> <tr>
> <th colspan="4" class="thead"><b> Configuration
> parameters</b>
> </th>
> </tr>
> <tr>
> <td>Replication frequency</td>
> <td>
> <select id="freq">
> <option {% if config.MasterBackupFrequency =
> "daily" %}
> selected="selected"{% endif %}>daily</option>
> <option {% if config.MasterBackupFrequency =
> "Monday" %}
> selected="selected"{% endif %}>Monday</option>
> <option {% if config.MasterBackupFrequency =
> "Thusday" %}
> selected="selected"{% endif %}>Thusday</option>
> <option {% if config.MasterBackupFrequency =
> "Wednesday" %}
> selected="selected"{% endif %}>Wednesday</option>
> <option {% if config.MasterBackupFrequency =
> "Thursday" %}
> selected="selected"{% endif %}>Thursday</option>
> <option {% if config.MasterBackupFrequency =
> "Friday" %}
> selected="selected"{% endif %}>Friday</option>
> <option {% if config.MasterBackupFrequency =
> "Saturday" %}
> selected="selected"{% endif %}>Saturday</option>
> <option {% if config.MasterBackupFrequency =
> "Sunday" %}
> selected="selected"{% endif %}>Sunday</option>
> </select>
> </td>
> <td>Replication time</td>
> <td><input style="width: 40%;" id="backuptime"
> value="{{config.MasterBackupStartTime}}"/></td>
> </tr>
> <tr>
> <td valign="top">Slave deactivated application</td>
> <td style="width: 20%;"><span id="appl">
> {% for appl in config.SlaveDeactAppl %}
> {{ appl }}<br>
> {% endfor %}
> </span></td>
> <td valign="top">Slave deactivated scripts</td>
> <td style="width: 20%;"><span id="scripts">
> {% for appl in config.SlaveDeactScripts %}
> {{ appl }}<br>
> {% endfor %}
> </span></td>
> </tr>
> <!-- <div id="buttonPanel" style="display: block;">
> <button id="saveTime" class="submitButton ui-state-default ui-
> corner-all ui-priority-primary">Save replication parameters</button>
> </div> -->
> <tr>
> <th colspan="4" class="thead"><b> Replication parameters</
> b>
> </th>
> </tr>
> <tr>
> <td>Replication enable</td>
> <td><input type="checkbox" id="replEnable" {% if
> config.ReplicationEnable = "yes" %}checked="checked"{% endif %}/></td>
> <td>Account used for replication</td>
> <td>
> <select id="account">
> <option {% if config.ReplicationAccount =
> "engr" %}
> selected="selected"{% endif %}>engr</option>
> <option {% if config.ReplicationAccount =
> "root" %}
> selected="selected"{% endif %}>root</option>
> </select>
> </td>
> </tr>
> <tr>
> <td>ReplicationRetryInterval</td>
> <td><span
> id="interval">{{config.ReplicationRetryInterval}}</span></
> td>
> <td>ReplicationRetryCount</td>
> <td><span
> id="count">{{config.ReplicationRetryCount}}</span></td>
> </tr>
> <tr valign="center" align="center" colspan="4">
> <td colspan="4">
> <input type="button" id="saveCfg" valign="center"
> class="submitButton ui-state-default ui-corner-all ui-priority-
> primary" onclick="javascript:location.href='/SSO/configSave/';"
> style="width:200px;" value="Save complete settings"/>
> </td>
> </tr>
> </table>
> </body>
> </html>
> {% endblock %}
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
