Hi Issuer, Plz check doc and do accordingly: Section Setting the token on the AJAX request https://docs.djangoproject.com/en/dev/ref/csrf/#ajax
On Sat, Nov 9, 2019, 05:23 Mikko Meronen <mikkovillemero...@gmail.com> wrote: > Hi, > > I have a problem to pass a json value to Django views and use the value to > retrieve data from my database. Anyone could help me? > > I get the ajax error message and the following error in chrome console: > jquery.js:8475 POST http://www.topithenewsdoggy.com/history/ 403 > (Forbidden) > > *views.py* > > def History(request): > > md = request.POST.get('jsonData') > historia1 = history.objects.filter(monthday__exact=md)[:1] > args = {'historia1':historia1} > return render(request, "news/history.html", args) > > > *history.html:* > > <script src=" > http://ajax.googleapis.com/ajax/libs/jquery/1.9.0/jquery.min.js";></script> > <script> > > var x = new Date(); > var m = x.getMonth() + 1; > var d = x.getDate(); > var monthdate = m + '-' + d; > > var jsonData = JSON.stringify(monthdate); > > $.ajax({ > type: "POST", > url: '/history/', > data: { jsonData }, > dataType : "json", > success: function () { alert("Success"); }, > error: function () alert("Error"); } > }); > > > > // CSFR > > function getCookie(name) { > var cookieValue = null; > if (document.cookie && document.cookie !== '') { > var cookies = document.cookie.split(';'); > for (var i = 0; i < cookies.length; i++) { > var cookie = cookies[i].trim(); > // Does this cookie string begin with the name we want? > if (cookie.substring(0, name.length + 1) === (name + '=')) { > cookieValue = > decodeURIComponent(cookie.substring(name.length + 1)); > break; > } > } > } > return cookieValue; > } > var csrftoken = getCookie('csrftoken'); > > function getCookie(name) { > var cookieValue = null; > if (document.cookie && document.cookie !== '') { > var cookies = document.cookie.split(';'); > for (var i = 0; i < cookies.length; i++) { > var cookie = jQuery.trim(cookies[i]); > // Does this cookie string begin with the name we want? > if (cookie.substring(0, name.length + 1) === (name + '=')) { > cookieValue = > decodeURIComponent(cookie.substring(name.length + 1)); > break; > } > } > } > return cookieValue; > } > > var csrftoken = getCookie('csrftoken'); > > function csrfSafeMethod(method) { > // these HTTP methods do not require CSRF protection > return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method)); > } > $.ajaxSetup({ > beforeSend: function(xhr, settings) { > if (!csrfSafeMethod(settings.type) && !this.crossDomain) { > xhr.setRequestHeader("X-CSRFToken", csrftoken); > } > } > }); > </script> > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/2e129166-4262-4c39-b4d8-517dd9249f1a%40googlegroups.com > <https://groups.google.com/d/msgid/django-users/2e129166-4262-4c39-b4d8-517dd9249f1a%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAP5HUWoYOsU%3D8uhyoLFBfyvxHhF8xjSt8DRG4G1fWD9ftTCWZw%40mail.gmail.com.
