Just include a 'csrftoken' form parameter with your other form data. If
you're submitting the entire form, you can use the {% csrf_token %}
template tag anywhere inside your <form></form> tags.
_Nik
On 10/26/2012 2:14 AM, Stone wrote:
> This is misunderstand able for me.
> How can I submit as a parameter?
>
> Dne čtvrtek, 25. října 2012 17:24:05 UTC+2 Nikolas Stevenson-Molnar
> napsal(a):
>
> It looks like you're submitting your request via AJAX and using the
> X-CSRFToken header. It's very possible that one of your proxies isn't
> forwarding that header correctly. You might try submitting it as an
> actual form parameter instead.
>
> _Nik
>
> On 10/25/2012 6:01 AM, Stone wrote:
> > Over Firefox and Firebug I have received that CSRF Validation
> failed.
> > My server is running on apache2-2.2.22 and there are two proxy's
> > All template file and forms includes csrf_token tag.
> >
> > On Oct 24, 6:54 pm, Nikolas Stevenson-Molnar
> <nik.mol...@consbio.org>
> > wrote:
> >> It's possible that the CSRF token isn't being sent correctly.
> As a test,
> >> try adding the @csrf_exempt decorator to your view. If you no
> longer get
> >> the 403, then it's a CSRF problem.
> >>
> >> _Nik
> >>
> >> On 10/24/2012 6:31 AM, Stone wrote:
> >>
> >>
> >>
> >>
> >>
> >>
> >>
> >>> My Django application is running on real server (apache2-2.2.22).
> >>> In urls.py is mentioned:
> >>> (r'^configSave/$', configSave),
> >>> My HTML is bellow. After pressing on configSave I am receiving
> HTTP
> >>> 403 error page.
> >>> In view.py is mentioned:
> >>> def configSave(request):
> >>> configFile={}
> >>> if os.path.isfile(SSO_CONF) != False:
> >>> f = open(SSO_CONF,"r")
> >>> for line in f:
> >>> line = line.strip()
> >>> if re.search('^#',line) != None:
> >>> '''print 'This is the commentary'''
> >>> else:
> >>> '''print line'''
> >>> try:
> >>> name, value =
> line.split('=',2)
> >>> configFile[name]=value
> >>> print '<%s>%s</%s>' %
> (name, value, name)
> >>> except ValueError, err:
> >>> ''' print 'This is empty
> row'''
> >>>
> configFile['SlaveDeactAppl']=configFile['SlaveDeactAppl'].split(',');
>
> >>>
>
> configFile['SlaveDeactScripts']=configFile['SlaveDeactScripts'].split(',');
>
> >>> configFile={}
> >>> if os.path.isfile(SSO_CONF) != False:
> >>> f = open(SSO_CONF,"r")
> >>> for line in f:
> >>> line = line.strip()
> >>> if re.search('^#',line) != None:
> >>> '''print 'This is the commentary'''
> >>> else:
> >>> '''print line'''
> >>> try:
> >>> name, value =
> line.split('=',2)
> >>> configFile[name]=value
> >>> print '<%s>%s</%s>' %
> (name, value, name)
> >>> except ValueError, err:
> >>> ''' print 'This is empty
> row'''
> >>>
> configFile['SlaveDeactAppl']=configFile['SlaveDeactAppl'].split(',');
>
> >>>
>
> configFile['SlaveDeactScripts']=configFile['SlaveDeactScripts'].split(',');
>
> >>> c = {}
> >>> c = Context({
> >>> 'config':configFile,
> >>> 'item':2,
> >>> })
> >>> c.update(csrf(request))
> >>> return
> >>>
>
> render_to_response('config.html',c,context_instance=RequestContext(request))
>
> >>> By the way how to really fast define logging mechanism which
> can be
> >>> use for debugging.
> >>> Is this my programmer approach corrector is there any other
> way how to
> >>> react on the pressing of button?
> >>> <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
> "http://
> >>> www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd
> <http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd>">
> >>> {% extends "index.html" %}
> >>> {% block content %}
> >>> <html lang="en-US" xml:lang="en-US"
> xmlns="http://www.w3.org/1999/
> >>> xhtml">
> >>> <script type="text/javascript">
> >>> top.helpID="SSO_config";
> >>> $(document).ready(function () {
> >>> function sendAjax()
> >>> {
> >>> $(document).ajaxSend(function(event, xhr, settings) {
> >>> function getCookie(name) {
> >>> var cookieValue = null;
> >>> if (document.cookie && document.cookie != '') {
> >>> var cookies = document.cookie.split(';');
> >>> for (var i = 0; i < cookies.length; i++) {
> >>> var cookie = jQuery.trim(cookies[i]);
> >>> if (cookie.substring(0, name.length +
> 1) == (name
> >>> + '=')) {
> >>> cookieValue =
> >>> decodeURIComponent(cookie.substring(name.length + 1));
> >>> break;
> >>> }
> >>> }
> >>> }
> >>> return cookieValue;
> >>> }
> >>> function sameOrigin(url) {
> >>> var host = document.location.host; // host + port
> >>> var protocol = document.location.protocol;
> >>> var sr_origin = '//' + host;
> >>> var origin = protocol + sr_origin;
> >>> // Allow absolute or scheme relative URLs to
> same origin
> >>> return (url == origin || url.slice(0,
> origin.length + 1)
> >>> == origin + '/') ||
> >>> (url == sr_origin || url.slice(0,
> sr_origin.length +
> >>> 1) == sr_origin + '/') ||
> >>> !(/^(\/\/|http:|https:).*/.test(url));
> >>> }
> >>> function safeMethod(method) {
> >>> return
> (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
> >>> }
> >>> if (!safeMethod(settings.type) &&
> sameOrigin(settings.url)) {
> >>> xhr.setRequestHeader("X-CSRFToken",
> >>> getCookie('csrftoken'));
> >>> }
> >>> });
> >>> }
> >>> $("#saveCfg").click(function(event){
> >>> sendAjax();
> >>> $.ajax({
> >>> type: "POST",
> >>> url: "/SSO/configSave/",
> >>> dataType: "text",
> >>> success: function(data) {
> >>> alert(data);
> >>> },
> >>> error: function(xhr,ajaxOptions,thrownError) {
> >>> alert(xhr.status +" "+xhr.statusText);
> >>> alert(thrownError);
> >>> }
> >>> });
> >>> });
> >>> });
> >>> </script>
> >>> <body class="bodyClass">
> >>> <table class="body_table">
> >>> <tr>
> >>> <th colspan="4" class="thead"><b> IP
> configuration</b></
> >>> th>
> >>> </tr>
> >>> <tr>
> >>> <td>Master IP address</td>
> >>> <td>
> >>> <input id="mip" style="width: 100px;"
> >>> value="{{config.MasterIPAddress}}"/>
> >>> </td>
> >>> <td>Slave IP address</td>
> >>> <td>
> >>> <input id="sip" style="width: 100px;"
> >>> value="{{config.SlaveIPAddress}}"/>
> >>> </td>
> >>> </tr>
> >>> <tr>
> >>> <td>Master netmask</td>
> >>> <td>
> >>> <input id="mnetmask" style="width: 100px;"
> >>> value="{{config.MasterIPNetmask}}"/>
> >>> </td>
> >>> <td>Slave netmask</td>
> >>> <td>
> >>> <input id="snetmask" style="width: 100px;"
> >>> value="{{config.SlaveIPNetmask}}"/>
> >>> </td>
> >>> </tr>
> >>> <tr>
> >>> <td>Master broadcast</td>
> >>> <td>
> >>> <input id="mbroadcast" style="width: 100px;"
> >>> value="{{config.MasterIPBroadcast}}"/>
> >>> </td>
> >>> <td>Slave broadcast</td>
> >>> <td>
> >>> <input id="sbroadcast" style="width: 100px;"
> >>> value="{{config.SlaveIPBroadcast}}"/>
> >>> </td>
> >>> </tr>
> >>> <tr>
> >>> <td></td>
> >>> <td></td>
> >>> <td></td>
> >>> <td></td>
> >>> </tr>
> >>> <tr>
> >>> <td>Lancard name</td>
> >>> <td><span
> id="cardname"></span>{{config.LanCardName}}</td>
> >>> <td>MAC address</td>
> >>> <td><input id="cardmac"
> value="{{config.LanCardMAC}}"/></td>
> >>> </tr>
> >>> <tr>
> >>> <th colspan="4" class="thead"><b> Configuration
> >>> parameters</b>
> >>> </th>
> >>> </tr>
> >>> <tr>
> >>> <td>Replication frequency</td>
> >>> <td>
> >>> <select id="freq">
> >>> <option {% if
> config.MasterBackupFrequency = "daily" %}
> >>> selected="selected"{% endif %}>daily</option>
> >>> <option {% if
> config.MasterBackupFrequency = "Monday" %}
> >>> selected="selected"{% endif %}>Monday</option>
> >>> <option {% if
> config.MasterBackupFrequency = "Thusday" %}
> >>> selected="selected"{% endif %}>Thusday</option>
> >>> <option {% if
> config.MasterBackupFrequency = "Wednesday" %}
> >>> selected="selected"{% endif %}>Wednesday</option>
> >>> <option {% if
> config.MasterBackupFrequency = "Thursday" %}
> >>> selected="selected"{% endif %}>Thursday</option>
> >>> <option {% if
> config.MasterBackupFrequency = "Friday" %}
> >>> selected="selected"{% endif %}>Friday</option>
> >>> <option {% if
> config.MasterBackupFrequency = "Saturday" %}
> >>> selected="selected"{% endif %}>Saturday</option>
> >>> <option {% if
> config.MasterBackupFrequency = "Sunday" %}
> >>> selected="selected"{% endif %}>Sunday</option>
> >>> </select>
> >>> </td>
> >>> <td>Replication time</td>
> >>> <td><input style="width: 40%;" id="backuptime"
> >>> value="{{config.MasterBackupStartTime}}"/></td>
> >>> </tr>
> >>> <tr>
> >>> <td valign="top">Slave deactivated application</td>
> >>> <td style="width: 20%;"><span id="appl">
> >>> {% for appl in config.SlaveDeactAppl %}
> >>> {{ appl }}<br>
> >>> {% endfor %}
> >>> </span></td>
> >>> <td valign="top">Slave deactivated scripts</td>
> >>> <td style="width: 20%;"><span id="scripts">
> >>> {% for appl in config.SlaveDeactScripts %}
> >>> {{ appl }}<br>
> >>> {% endfor %}
> >>> </span></td>
> >>> </tr>
> >>> <!-- <div id="buttonPanel" style="display: block;">
> >>> <button id="saveTime" class="submitButton
> ui-state-default ui-
> >>> corner-all ui-priority-primary">Save replication
> parameters</button>
> >>> </div> -->
> >>> <tr>
> >>> <th colspan="4" class="thead"><b> Replication
> parameters</
> >>> b>
> >>> </th>
> >>> </tr>
> >>> <tr>
> >>> <td>Replication enable</td>
> >>> <td><input type="checkbox" id="replEnable" {% if
> >>> config.ReplicationEnable = "yes" %}checked="checked"{% endif
> %}/></td>
> >>> <td>Account used for replication</td>
> >>> <td>
> >>> <select id="account">
> >>> <option {% if
> config.ReplicationAccount = "engr" %}
> >>> selected="selected"{% endif %}>engr</option>
> >>> <option {% if
> config.ReplicationAccount = "root" %}
> >>> selected="selected"{% endif %}>root</option>
> >>> </select>
> >>> </td>
> >>> </tr>
> >>> <tr>
> >>> <td>ReplicationRetryInterval</td>
> >>> <td><span
> id="interval">{{config.ReplicationRetryInterval}}</span></
> >>> td>
> >>> <td>ReplicationRetryCount</td>
> >>> <td><span
> id="count">{{config.ReplicationRetryCount}}</span></td>
> >>> </tr>
> >>> <tr valign="center" align="center" colspan="4">
> >>> <td colspan="4">
> >>> <input type="button" id="saveCfg" valign="center"
> >>> class="submitButton ui-state-default ui-corner-all ui-priority-
> >>> primary" onclick="javascript:location.href='/SSO/configSave/';"
> >>> style="width:200px;" value="Save complete settings"/>
> >>> </td>
> >>> </tr>
> >>> </table>
> >>> </body>
> >>> </html>
> >>> {% endblock %}
>
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
