Re: Automatic form submission and CSRF??
Thanks a lot - that did the trick! Joakim On Sep 27, 1:58 am, Russell Keith-Mageewrote: > On Mon, Sep 27, 2010 at 12:18 AM, Joakim Hove wrote: > > Hello, > > > I have a simple form which has method POST. When I view the form in > > the browser and fill it normally everything works fine. However; the > > plan is to submit this form automagically from a client program - I > > have currently tried with the Python script: > > > #!/usr/bin/python > > import urllib > > params = urllib.urlencode({"passwd": "Hemmelig", > > "user_id" : 1000, > > "subject" : "Tema", > > "extra_addr" : "joakim-h...@gmail.com", > > "date_list" : "10-10-2010", > > "body" : "Lang melding"}) > > > f = urllib.urlopen(form_url , params) > > print f.read() > > > The server just returns error code 403: "No CSRF or session cookie"; > > how can I get around this? Do I have to create a csrfmiddlewaretoken > > on the client (which will not even have Python installed)? > > If it's impractical or impossible to get access to the CSRF token by > GET before POSTing, you can disable CSRF on that single view. See [1] > for details. > > [1]http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#exceptions > > Yours, > Russ Magee %-) -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Automatic form submission and CSRF??
Hi, I think you should add the 'django.middleware.csrf.CsrfResponseMiddleware' into your MIDDLEWARE_CLASSES in the settings model. Yours, BR On Mon, Sep 27, 2010 at 7:58 AM, Russell Keith-Magee < russ...@keith-magee.com> wrote: > On Mon, Sep 27, 2010 at 12:18 AM, Joakim Hove> wrote: > > Hello, > > > > I have a simple form which has method POST. When I view the form in > > the browser and fill it normally everything works fine. However; the > > plan is to submit this form automagically from a client program - I > > have currently tried with the Python script: > > > > #!/usr/bin/python > > import urllib > > params = urllib.urlencode({"passwd": "Hemmelig", > > "user_id" : 1000, > > "subject" : "Tema", > > "extra_addr" : "joakim-h...@gmail.com", > > "date_list" : "10-10-2010", > > "body" : "Lang melding"}) > > > > f = urllib.urlopen(form_url , params) > > print f.read() > > > > The server just returns error code 403: "No CSRF or session cookie"; > > how can I get around this? Do I have to create a csrfmiddlewaretoken > > on the client (which will not even have Python installed)? > > If it's impractical or impossible to get access to the CSRF token by > GET before POSTing, you can disable CSRF on that single view. See [1] > for details. > > [1] http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#exceptions > > Yours, > Russ Magee %-) > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To post to this group, send email to django-us...@googlegroups.com. > To unsubscribe from this group, send email to > django-users+unsubscr...@googlegroups.com > . > For more options, visit this group at > http://groups.google.com/group/django-users?hl=en. > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: Automatic form submission and CSRF??
On Mon, Sep 27, 2010 at 12:18 AM, Joakim Hovewrote: > Hello, > > I have a simple form which has method POST. When I view the form in > the browser and fill it normally everything works fine. However; the > plan is to submit this form automagically from a client program - I > have currently tried with the Python script: > > #!/usr/bin/python > import urllib > params = urllib.urlencode({"passwd": "Hemmelig", > "user_id" : 1000, > "subject" : "Tema", > "extra_addr" : "joakim-h...@gmail.com", > "date_list" : "10-10-2010", > "body" : "Lang melding"}) > > f = urllib.urlopen(form_url , params) > print f.read() > > The server just returns error code 403: "No CSRF or session cookie"; > how can I get around this? Do I have to create a csrfmiddlewaretoken > on the client (which will not even have Python installed)? If it's impractical or impossible to get access to the CSRF token by GET before POSTing, you can disable CSRF on that single view. See [1] for details. [1] http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#exceptions Yours, Russ Magee %-) -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Automatic form submission and CSRF??
Hello, I have a simple form which has method POST. When I view the form in the browser and fill it normally everything works fine. However; the plan is to submit this form automagically from a client program - I have currently tried with the Python script: #!/usr/bin/python import urllib params = urllib.urlencode({"passwd": "Hemmelig", "user_id" : 1000, "subject" : "Tema", "extra_addr" : "joakim-h...@gmail.com", "date_list" : "10-10-2010", "body" : "Lang melding"}) f = urllib.urlopen(form_url , params) print f.read() The server just returns error code 403: "No CSRF or session cookie"; how can I get around this? Do I have to create a csrfmiddlewaretoken on the client (which will not even have Python installed)? -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-us...@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.