It looks like the form has the {% csrf_token %} tag so I'm not sure what is
not working properly. If we need to patch it, please submit a ticket with
the details.Thanks, Chris On Sun, Dec 12, 2010 at 11:05 AM, Michael Thamm <[email protected]>wrote: > I have had this same problem and the only way I fixed it was to also > include the csrf response middleware also. > Along with the token in the template. > Hope that helps. > Michael > > On Dec 10, 12:09 pm, Josh <[email protected]> wrote: > > Ok heres the actual error: > > Forbidden (403) > > > > CSRF verification failed. Request aborted. > > Help > > > > Reason given for failure: > > > > CSRF token missing or incorrect. > > > > In general, this can occur when there is a genuine Cross Site Request > > Forgery, or when Django's CSRF mechanism has not been used correctly. > > For POST forms, you need to ensure: > > > > * The view function uses RequestContext for the template, instead > > of Context. > > * In the template, there is a {% csrf_token %} template tag inside > > each POST form that targets an internal URL. > > * If you are not using CsrfViewMiddleware, then you must use > > csrf_protect on any views that use the csrf_token template tag, as > > well as those that accept the POST data. > > > > You're seeing the help section of this page because you have DEBUG = > > True in your Django settings file. Change that to False, and only the > > initial error message will be displayed. > > > > You can customize this page using the CSRF_FAILURE_VIEW setting. > > > > -Josh > > > > On Dec 9, 9:56 pm, Josh Cartmell <[email protected]> wrote: > > > > > I'm not in front of that computer right now and I'll give the actual > > > error tomorrow. But here's what I remember: > > > The error said something about missing the csrf token I believe. It > was > > > upon trying to submit a product rating. I was running the django > > > development server. I did look into the product rating form and it > > > didn't seem to have the csrf token in it. Thanks for the help. > > > > > -Josh > > > > > On 12/9/10 6:01 PM, Chris Moffitt wrote: > > > > > > Could you tell us a bit more about the exact error and how to > > > > replicate it? > > > > > > -Chris > > > > > > On Thu, Dec 9, 2010 at 3:45 PM, Josh <[email protected] > > > > <mailto:[email protected]>> wrote: > > > > > > I am using django 1.2.3 and satchmo 0.9.2-pre hg-unknown. I get > no > > > > CSRF errors except for with product ratings. I have a custom > > > > product.html so I tried using an unmodified one and I still get > > > > errors. I have the CSRF middleware in my settings. I know there > has > > > > been discussion of this but I thought that with the most recent > > > > versions the CSRF issues were fixed. Anyone know how to fix > these > > > > issues? > > > > > > Thanks, > > > > Josh > > > > > > -- > > > > You received this message because you are subscribed to the > Google > > > > Groups "Satchmo users" group. > > > > To post to this group, send email to > > > > [email protected] > > > > <mailto:[email protected]>. > > > > To unsubscribe from this group, send email to > > > > > > > > [email protected]<satchmo-users%[email protected]> > > > > > > > > <mailto:satchmo-users%[email protected]<satchmo-users%[email protected]> > >. > > > > For more options, visit this group at > > > > http://groups.google.com/group/satchmo-users?hl=en. > > > > > > -- > > > > You received this message because you are subscribed to the Google > > > > Groups "Satchmo users" group. > > > > To post to this group, send email to [email protected]. > > > > To unsubscribe from this group, send email to > > > > [email protected]<satchmo-users%[email protected]> > . > > > > For more options, visit this group at > > > >http://groups.google.com/group/satchmo-users?hl=en. > > -- > You received this message because you are subscribed to the Google Groups > "Satchmo users" group. > To post to this group, send email to [email protected]. > To unsubscribe from this group, send email to > [email protected]<satchmo-users%[email protected]> > . > For more options, visit this group at > http://groups.google.com/group/satchmo-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Satchmo users" group. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/satchmo-users?hl=en.
