In most cases, including the CSRF token in AJAX requests is trivial, and processing the token is handled automatically by Django. I would recommend spending a few minutes to implement the CSRF protection in your code of you plan to ever move to production. It is easy enough and pays good dividends later.
-James On Feb 20, 2015 5:23 AM, "Vijay Khemlani" <[email protected]> wrote: > Is is required by default. > > I would recommend including the csrf token in your ajax request. If you > still want to prevent the CSRF verification in your view then you can use > the "csrf_exempt" decorator > > https://docs.djangoproject.com/en/1.7/ref/contrib/csrf/#utilities > > On Fri, Feb 20, 2015 at 9:05 AM, João Marques <[email protected]> > wrote: > >> According to Django documentation I can include a crsf token to prevent >> malicious acts, but it is not necessary right? Or am I getting this wrong? >> Because right now I wouldn't mind skipping the crsf token step for a little >> while I manage to get the rest of the essential things to work. >> >> sexta-feira, 20 de Fevereiro de 2015 às 00:08:32 UTC, Vijay Khemlani >> escreveu: >>> >>> There's no "range" in django templates, you just use >>> >>> {% for elem in sols %} >>> >>> Regarding making the request using POST, are you sure you're not having >>> a proble with CSRF? >>> >>> https://docs.djangoproject.com/en/1.7/ref/contrib/csrf/ >>> >>> It has a section for AJAX requests >>> >>> >>> >>> On Thu, Feb 19, 2015 at 7:44 PM, João Marques <[email protected]> >>> wrote: >>> >>>> Thank You guys for all the aswers. Your were crucial debugging this >>>> error. >>>> >>>> By the way, on the GET request matter, I'm using a GET because I can't >>>> actually get POST to work I'll explain: As I execute the POST request, the >>>> url is loaded and everything runs fine except that the code on the view >>>> doesn't return nothing. Thats is the reason I have everything set uo with >>>> GET. Does anybody know if I have to enable something on my Django >>>> properties to get this to work? >>>> >>>> Cheers >>>> >>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Django users" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To post to this group, send email to [email protected]. >>>> Visit this group at http://groups.google.com/group/django-users. >>>> To view this discussion on the web visit https://groups.google.com/d/ >>>> msgid/django-users/76c1ef99-5082-4b26-a954-f8dde0b7262d% >>>> 40googlegroups.com >>>> <https://groups.google.com/d/msgid/django-users/76c1ef99-5082-4b26-a954-f8dde0b7262d%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected]. >> To post to this group, send email to [email protected]. >> Visit this group at http://groups.google.com/group/django-users. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/django-users/bc394c9f-6614-457d-b091-b791a10c6eab%40googlegroups.com >> <https://groups.google.com/d/msgid/django-users/bc394c9f-6614-457d-b091-b791a10c6eab%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> >> For more options, visit https://groups.google.com/d/optout. >> > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/django-users. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/CALn3ei1ScoHtevoWyVBBxTaFqkUwrigo37FaLtTQM7xOAQTcxQ%40mail.gmail.com > <https://groups.google.com/d/msgid/django-users/CALn3ei1ScoHtevoWyVBBxTaFqkUwrigo37FaLtTQM7xOAQTcxQ%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CA%2Be%2BciXeCNeVMoA9Mu-JnBjx18zSs6ULQT06y-vfMPyqN-G2fA%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
