It's possible that the CSRF token isn't being sent correctly. As a test, try adding the @csrf_exempt decorator to your view. If you no longer get the 403, then it's a CSRF problem.
_Nik On 10/24/2012 6:31 AM, Stone wrote: > My Django application is running on real server (apache2-2.2.22). > In urls.py is mentioned: > (r'^configSave/$', configSave), > > My HTML is bellow. After pressing on configSave I am receiving HTTP > 403 error page. > > In view.py is mentioned: > def configSave(request): > configFile={} > if os.path.isfile(SSO_CONF) != False: > f = open(SSO_CONF,"r") > for line in f: > line = line.strip() > if re.search('^#',line) != None: > '''print 'This is the commentary''' > else: > '''print line''' > try: > name, value = line.split('=',2) > configFile[name]=value > print '<%s>%s</%s>' % (name, value, > name) > except ValueError, err: > ''' print 'This is empty row''' > configFile['SlaveDeactAppl']=configFile['SlaveDeactAppl'].split(','); > > configFile['SlaveDeactScripts']=configFile['SlaveDeactScripts'].split(','); > configFile={} > if os.path.isfile(SSO_CONF) != False: > f = open(SSO_CONF,"r") > for line in f: > line = line.strip() > if re.search('^#',line) != None: > '''print 'This is the commentary''' > else: > '''print line''' > try: > name, value = line.split('=',2) > configFile[name]=value > print '<%s>%s</%s>' % (name, value, > name) > except ValueError, err: > ''' print 'This is empty row''' > configFile['SlaveDeactAppl']=configFile['SlaveDeactAppl'].split(','); > > configFile['SlaveDeactScripts']=configFile['SlaveDeactScripts'].split(','); > c = {} > c = Context({ > 'config':configFile, > 'item':2, > }) > c.update(csrf(request)) > return > render_to_response('config.html',c,context_instance=RequestContext(request)) > > By the way how to really fast define logging mechanism which can be > use for debugging. > > Is this my programmer approach corrector is there any other way how to > react on the pressing of button? > > <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http:// > www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> > {% extends "index.html" %} > {% block content %} > <html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/ > xhtml"> > <script type="text/javascript"> > top.helpID="SSO_config"; > $(document).ready(function () { > > function sendAjax() > { > $(document).ajaxSend(function(event, xhr, settings) { > function getCookie(name) { > var cookieValue = null; > if (document.cookie && document.cookie != '') { > var cookies = document.cookie.split(';'); > for (var i = 0; i < cookies.length; i++) { > var cookie = jQuery.trim(cookies[i]); > if (cookie.substring(0, name.length + 1) == (name > + '=')) { > cookieValue = > decodeURIComponent(cookie.substring(name.length + 1)); > break; > } > } > } > return cookieValue; > } > function sameOrigin(url) { > var host = document.location.host; // host + port > var protocol = document.location.protocol; > var sr_origin = '//' + host; > var origin = protocol + sr_origin; > // Allow absolute or scheme relative URLs to same origin > return (url == origin || url.slice(0, origin.length + 1) > == origin + '/') || > (url == sr_origin || url.slice(0, sr_origin.length + > 1) == sr_origin + '/') || > !(/^(\/\/|http:|https:).*/.test(url)); > } > function safeMethod(method) { > return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method)); > } > if (!safeMethod(settings.type) && sameOrigin(settings.url)) { > xhr.setRequestHeader("X-CSRFToken", > getCookie('csrftoken')); > } > }); > } > > $("#saveCfg").click(function(event){ > > sendAjax(); > $.ajax({ > type: "POST", > url: "/SSO/configSave/", > dataType: "text", > success: function(data) { > alert(data); > }, > error: function(xhr,ajaxOptions,thrownError) { > alert(xhr.status +" "+xhr.statusText); > alert(thrownError); > } > }); > }); > > > }); > </script> > > <body class="bodyClass"> > <table class="body_table"> > <tr> > <th colspan="4" class="thead"><b> IP configuration</b></ > th> > </tr> > <tr> > <td>Master IP address</td> > <td> > <input id="mip" style="width: 100px;" > value="{{config.MasterIPAddress}}"/> > </td> > <td>Slave IP address</td> > <td> > <input id="sip" style="width: 100px;" > value="{{config.SlaveIPAddress}}"/> > </td> > </tr> > <tr> > <td>Master netmask</td> > <td> > <input id="mnetmask" style="width: 100px;" > value="{{config.MasterIPNetmask}}"/> > </td> > <td>Slave netmask</td> > <td> > <input id="snetmask" style="width: 100px;" > value="{{config.SlaveIPNetmask}}"/> > </td> > </tr> > <tr> > <td>Master broadcast</td> > <td> > <input id="mbroadcast" style="width: 100px;" > value="{{config.MasterIPBroadcast}}"/> > </td> > <td>Slave broadcast</td> > <td> > <input id="sbroadcast" style="width: 100px;" > value="{{config.SlaveIPBroadcast}}"/> > </td> > </tr> > <tr> > <td></td> > <td></td> > <td></td> > <td></td> > </tr> > <tr> > <td>Lancard name</td> > <td><span id="cardname"></span>{{config.LanCardName}}</td> > <td>MAC address</td> > <td><input id="cardmac" value="{{config.LanCardMAC}}"/></td> > </tr> > <tr> > <th colspan="4" class="thead"><b> Configuration > parameters</b> > </th> > </tr> > <tr> > <td>Replication frequency</td> > <td> > <select id="freq"> > <option {% if config.MasterBackupFrequency = > "daily" %} > selected="selected"{% endif %}>daily</option> > <option {% if config.MasterBackupFrequency = > "Monday" %} > selected="selected"{% endif %}>Monday</option> > <option {% if config.MasterBackupFrequency = > "Thusday" %} > selected="selected"{% endif %}>Thusday</option> > <option {% if config.MasterBackupFrequency = > "Wednesday" %} > selected="selected"{% endif %}>Wednesday</option> > <option {% if config.MasterBackupFrequency = > "Thursday" %} > selected="selected"{% endif %}>Thursday</option> > <option {% if config.MasterBackupFrequency = > "Friday" %} > selected="selected"{% endif %}>Friday</option> > <option {% if config.MasterBackupFrequency = > "Saturday" %} > selected="selected"{% endif %}>Saturday</option> > <option {% if config.MasterBackupFrequency = > "Sunday" %} > selected="selected"{% endif %}>Sunday</option> > </select> > </td> > <td>Replication time</td> > <td><input style="width: 40%;" id="backuptime" > value="{{config.MasterBackupStartTime}}"/></td> > </tr> > <tr> > <td valign="top">Slave deactivated application</td> > <td style="width: 20%;"><span id="appl"> > {% for appl in config.SlaveDeactAppl %} > {{ appl }}<br> > {% endfor %} > </span></td> > <td valign="top">Slave deactivated scripts</td> > <td style="width: 20%;"><span id="scripts"> > {% for appl in config.SlaveDeactScripts %} > {{ appl }}<br> > {% endfor %} > </span></td> > </tr> > <!-- <div id="buttonPanel" style="display: block;"> > <button id="saveTime" class="submitButton ui-state-default ui- > corner-all ui-priority-primary">Save replication parameters</button> > </div> --> > <tr> > <th colspan="4" class="thead"><b> Replication parameters</ > b> > </th> > </tr> > <tr> > <td>Replication enable</td> > <td><input type="checkbox" id="replEnable" {% if > config.ReplicationEnable = "yes" %}checked="checked"{% endif %}/></td> > <td>Account used for replication</td> > <td> > <select id="account"> > <option {% if config.ReplicationAccount = > "engr" %} > selected="selected"{% endif %}>engr</option> > <option {% if config.ReplicationAccount = > "root" %} > selected="selected"{% endif %}>root</option> > </select> > </td> > </tr> > <tr> > <td>ReplicationRetryInterval</td> > <td><span > id="interval">{{config.ReplicationRetryInterval}}</span></ > td> > <td>ReplicationRetryCount</td> > <td><span > id="count">{{config.ReplicationRetryCount}}</span></td> > </tr> > <tr valign="center" align="center" colspan="4"> > <td colspan="4"> > <input type="button" id="saveCfg" valign="center" > class="submitButton ui-state-default ui-corner-all ui-priority- > primary" onclick="javascript:location.href='/SSO/configSave/';" > style="width:200px;" value="Save complete settings"/> > </td> > </tr> > </table> > </body> > </html> > {% endblock %} > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.