Hi Aseem, On Mon, May 12, 2014 at 11:25 PM, Aseem Bansal <asmbans...@gmail.com> wrote: > I am new to Django and am learning it baically because I wanted to create a > BookMarker project. A project for managing bookmarks. For this I am going to > create a UI through Django and a JavaScript for sending the URLs to the app. > There is a problem of CSRF token in Django. I was able to do a dummy POST > request by sending the CSRF token hard-coded as a parameter. But I do not > understand how the CSRF tokens are generated. Can I just hard-code them? I > don't think that it should be possible otherwise there is no point of having > it in the first place. Should I consider turning off the CSRF middleware as > this is just local machine or should I keep it as a best practice and find a > way to generate the CSRF token in my JavaScript? That would suck but I am > out of opinions. >
To use the csrf token and send it along with AJAX requests made in javascript, refer https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ajax . It should be fairly straightforward following steps there. Let know if anything is unclear or does not work. > Also when you are doing Django projects and need to deal with JS then what > do you do? I mean is there an alternative for JS in Django? > > If any of these questions doesn't make any sense please tell and I will try > to improve these. Just tell what doesn't make sense. > Hope the documentation makes sense, otherwise just search for "django ajax csrf token" or so and you should find quite a lot of examples online :) All the best. -Sanjay -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAG3W7ZEBpqkCwRaJKy%2BJVZCQY2ORAQNZr1fRjgaBx9UnnzZPeg%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
