Thanks for the idea. I was trying to get autocomplete to use admin's copy
of jquery, but I keep getting "$ is not a function." grr ...
django is already calling this $.ajaxSetup, but for whatever reason, the
header is not getting sent.
On Thursday, December 10, 2015 at 8:22:24 PM UTC-5, Andrey inte wrote:
>
> Hello, Joel
>
> I had exactly the same problem.
> When you save a page, an ajax script also saves keywords, which is POST
> and requires CSRF token. It should be set by
> $.ajaxSetup({ beforeSend: function(xhr, settings) { if
> (!csrfSafeMethod(settings.type) && sameOrigin(settings.url)) { // Send
> the token to same-origin, relative URLs only. // Send the token only if
> the method warrants CSRF protection // Using the CSRFToken value acquired
> earlier xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken')); } }
> });});
>
> But, I had a separate copy of Jquery (for my smart_selects app)
> I think, beforeSend just set it for that copy, and not for the one used
> when ajax'ing keywords (i.e., 'regular'), or, maybe, did not set it at all;
> so, I just set my smart_selects to use the admin's copy of Jquery. It
> works now.
>
> Hope, it helps.
>
> On Friday, December 11, 2015 at 1:16:26 AM UTC+9, Joel Gwynn wrote:
>>
>> I've added autocomplete light to my admin page by making my own copy of
>> base_site.html and adding the autocomplete code, as per the quick-start
>> guide
>> https://django-autocomplete-light.readthedocs.org/en/hvad-support/quick.html
>>
>> So in my extrahead block I have:
>>
>> <script
>> src="http://ajax.googleapis.com/ajax/libs/jquery/1.7.2/jquery.min.js";
>> type="text/javascript"></script>
>> {% include 'autocomplete_light/static.html' %}
>>
>> When I go to save a page, however, it doesn't save, and I get
>>
>> http://localhost:8000/admin_keywords_submit/ Failed to load resource:
>> the server responded with a status of 403 (FORBIDDEN)
>>
>> I can save my own models just fine, and I can also save users, just not
>> pages. According to google, it may have something to do with the CSRF
>> token not being sent. In the request, I see that it's being sent in the
>> cookie, but not in the header.
>>
>> I see that this has been a problem in the past. I'm using mezzanine
>> 4.0.1 and django 1.8.7
>>
>> TIA,
>> Joel
>>
>
--
You received this message because you are subscribed to the Google Groups
"Mezzanine Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to mezzanine-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
