Re: CSRF cookie not set issue

[James Schneider]

Comments in several places inline below:


> Thanks for the response... I opened the *rendered* source page in Mozilla
> and couldn't find the csrf_token even though I had already added the { %
> csrf_token %} . Something seems wrong. Any suggestions moving forward ?
>
>

You should be seeing a hidden element after your opening  tag that
replaces the {% csrf_token %} that looks something like this:



If you aren't seeing that, chances are your form submission is not going to
work since the CSRF token isn't being generated properly.


On Sat, Sep 12, 2015 at 12:56 AM, James Schneider 
> wrote:
>
>> In the rendered version sent to the browser, are you able to validate
>> that the CSRF token is actually being created and inserted as a hidden
>> element in your form?
>>
>> Also, it doesn't look like any of your buttons are marked as type=submit.
>> Not sure if that matters when submitting via JS though.
>>
>> -James
>> On Sep 11, 2015 7:56 PM, "Kevin Anyanwu"  wrote:
>>
>>> Can anyone help ?
>>>
>>> On Thu, Sep 10, 2015 at 8:34 PM, Kevin Anyanwu 
>>> wrote:
>>>
 base_1.html


>>> 
 
   
 
 
 goals
 
 

 
 
 

   
   

 
 
 Cirriculmn
 Notes
 Collaborte
 


   
 >>> charset="utf-8">
 
 
 
   
 

 On Thu, Sep 10, 2015 at 8:49 AM, monoBOT 
 wrote:

> show us the base_1.html
>
>


Are you sure that base_1.html template is correct? There is no reference to
a  anywhere in that template. There's also no obvious reference to
any JS files that would run the submit function that you are talking about.

Are you inserting the form via JS? If so, you'll need to manually populate
the CSRF hidden input and/or include the CSRF token in your AJAX response
headers. Django won't do this for you unless you specifically write a view
to generate the HTML on the server side and send it as a response to an
AJAX request, which doesn't appear to be the case.



> 2015-09-10 16:18 GMT+01:00 :
>
>> By the way, I am using Django 1.8.3 (final)
>>
>>
>> On Thursday, September 10, 2015 at 8:16:11 AM UTC-7,
>> kany...@fonality.com wrote:
>>>
>>> First of all I have done my research and found no reasonable
>>> explanation for my issue. I have a site on heroku that works fine on the
>>> first page, but when I click a button that I have programmed to go to
>>> another page, I obtain the infamous CSRF error. The reason for this 
>>> error
>>> is CSRF cookie is not set. Here is a description of the background work
>>> done on the dev side:
>>>
>>> 1. Settings.py
>>>
>>> MIDDLEWARE_CLASSES = (
>>> 'django.contrib.sessions.middleware.SessionMiddleware',
>>> 'django.middleware.common.CommonMiddleware',
>>> 'django.middleware.csrf.CsrfViewMiddleware',
>>> 'django.contrib.auth.middleware.AuthenticationMiddleware',
>>> 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
>>> 'django.contrib.messages.middleware.MessageMiddleware',
>>> 'django.middleware.clickjacking.XFrameOptionsMiddleware',
>>> #'django.middleware.security.SecurityMiddleware',
>>>  'django.middleware.csrf.CsrfViewMiddleware',
>>> )
>>>
>>

One other thing I noticed is that you
have 'django.middleware.csrf.CsrfViewMiddleware' defined twice in
MIDDLEWARE_CLASSES. Not sure if that is related, but you should remove the
bottom entry anyway.




>
>>> 2. base.py
>>>
>>> >> "/menu/">
>>> {% csrf_token %}
>>>
>>> 
>>> >> placeholder="Email address" type="text">
>>> 
>>> 
>>> 
>>>   >> placeholder="Password" type="text">
>>> 
>>> 
>>> 
>>>
>>> Log In
>>>
>>> 
>>>
>>>   
>>>
>>

Where exactly is base.py used? None of your other code that you've posted
references it. You'll need to make sure that you are invoking the template
engine using RequestContext if you want the {% csrf_token %} tag to work.

Also, base.py appears to be entirely made up of HTML?? Did you mean
base.html here?



>
>>> 3. views.py
>>>
>>> def menu(request):
>>>
>>> return render_to_response('home/base_1.html', context_instance =
>>> RequestContext(request, {}) )
>>>
>>>

Is there another view in play? This view uses base_1.html, but as I
mentioned earlier, base_1.html doesn't have any form references. It also
won't do anything with the data submitted in the form.




> 4. javascript for the function logIn() that is executed when the button is
>>> 

Re: CSRF cookie not set issue

[Kevin Anyanwu]

Hi James,

Thanks for the response... I opened the *rendered* source page in Mozilla
and couldn't find the csrf_token even though I had already added the { %
csrf_token %} . Something seems wrong. Any suggestions moving forward ?

On Sat, Sep 12, 2015 at 12:56 AM, James Schneider 
wrote:

> In the rendered version sent to the browser, are you able to validate that
> the CSRF token is actually being created and inserted as a hidden element
> in your form?
>
> Also, it doesn't look like any of your buttons are marked as type=submit.
> Not sure if that matters when submitting via JS though.
>
> -James
> On Sep 11, 2015 7:56 PM, "Kevin Anyanwu"  wrote:
>
>> Can anyone help ?
>>
>> On Thu, Sep 10, 2015 at 8:34 PM, Kevin Anyanwu 
>> wrote:
>>
>>> base_1.html
>>>
>>> 
>>> 
>>>   
>>> 
>>> 
>>> goals
>>> 
>>> 
>>>
>>> 
>>> 
>>> 
>>>
>>>   
>>>   
>>>
>>> 
>>> 
>>> Cirriculmn
>>> Notes
>>> Collaborte
>>> 
>>>
>>>
>>>   
>>> >> charset="utf-8">
>>> 
>>> 
>>> 
>>>   
>>> 
>>>
>>> On Thu, Sep 10, 2015 at 8:49 AM, monoBOT  wrote:
>>>
 show us the base_1.html

 2015-09-10 16:18 GMT+01:00 :

> By the way, I am using Django 1.8.3 (final)
>
>
> On Thursday, September 10, 2015 at 8:16:11 AM UTC-7,
> kany...@fonality.com wrote:
>>
>> First of all I have done my research and found no reasonable
>> explanation for my issue. I have a site on heroku that works fine on the
>> first page, but when I click a button that I have programmed to go to
>> another page, I obtain the infamous CSRF error. The reason for this error
>> is CSRF cookie is not set. Here is a description of the background work
>> done on the dev side:
>>
>> 1. Settings.py
>>
>> MIDDLEWARE_CLASSES = (
>> 'django.contrib.sessions.middleware.SessionMiddleware',
>> 'django.middleware.common.CommonMiddleware',
>> 'django.middleware.csrf.CsrfViewMiddleware',
>> 'django.contrib.auth.middleware.AuthenticationMiddleware',
>> 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
>> 'django.contrib.messages.middleware.MessageMiddleware',
>> 'django.middleware.clickjacking.XFrameOptionsMiddleware',
>> #'django.middleware.security.SecurityMiddleware',
>>  'django.middleware.csrf.CsrfViewMiddleware',
>> )
>>
>> 2. base.py
>>
>> > "/menu/">
>> {% csrf_token %}
>>
>> 
>> > placeholder="Email address" type="text">
>> 
>> 
>> 
>>   > placeholder="Password" type="text">
>> 
>> 
>> 
>>
>> Log In
>>
>> 
>>
>>   
>>
>> 3. views.py
>>
>> def menu(request):
>>
>> return render_to_response('home/base_1.html', context_instance =
>> RequestContext(request, {}) )
>>
>> 4. javascript for the function logIn() that is executed when the
>> button is clicked from (2)
>>
>>
>> function logIn ()
>> {
>> alert('Form has been submitted');
>> document.getElementById('loginform').submit();
>> }
>>
>> I am seriously bewildered and cannot understand why the base_1.html
>> site is not being rendered and I am getting this CSRF error ! Please help
>> me,
>>
>>
>>
>>
>>
>> --
> You received this message because you are subscribed to the Google
> Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send
> an email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/14ec3bc1-c7ff-4d3e-8065-9eae959720fc%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>



 --
 *monoBOT*
 Visite mi sitio(Visit my site): monobotsoft.es/blog/

 --
 You received this message because you are subscribed to a topic in the
 Google Groups "Django users" group.
 To unsubscribe from this topic, visit
 https://groups.google.com/d/topic/django-users/scpBffl8s3A/unsubscribe.
 To unsubscribe from this group and all its topics, send an email to
 django-users+unsubscr...@googlegroups.com.
 To post to this group, send email to django-users@googlegroups.com.
 Visit this group at 

Re: CSRF cookie not set issue

[James Schneider]

In the rendered version sent to the browser, are you able to validate that
the CSRF token is actually being created and inserted as a hidden element
in your form?

Also, it doesn't look like any of your buttons are marked as type=submit.
Not sure if that matters when submitting via JS though.

-James
On Sep 11, 2015 7:56 PM, "Kevin Anyanwu"  wrote:

> Can anyone help ?
>
> On Thu, Sep 10, 2015 at 8:34 PM, Kevin Anyanwu 
> wrote:
>
>> base_1.html
>>
>> 
>> 
>>   
>> 
>> 
>> goals
>> 
>> 
>>
>> 
>> 
>> 
>>
>>   
>>   
>>
>> 
>> 
>> Cirriculmn
>> Notes
>> Collaborte
>> 
>>
>>
>>   
>> > charset="utf-8">
>> 
>> 
>> 
>>   
>> 
>>
>> On Thu, Sep 10, 2015 at 8:49 AM, monoBOT  wrote:
>>
>>> show us the base_1.html
>>>
>>> 2015-09-10 16:18 GMT+01:00 :
>>>
 By the way, I am using Django 1.8.3 (final)


 On Thursday, September 10, 2015 at 8:16:11 AM UTC-7,
 kany...@fonality.com wrote:
>
> First of all I have done my research and found no reasonable
> explanation for my issue. I have a site on heroku that works fine on the
> first page, but when I click a button that I have programmed to go to
> another page, I obtain the infamous CSRF error. The reason for this error
> is CSRF cookie is not set. Here is a description of the background work
> done on the dev side:
>
> 1. Settings.py
>
> MIDDLEWARE_CLASSES = (
> 'django.contrib.sessions.middleware.SessionMiddleware',
> 'django.middleware.common.CommonMiddleware',
> 'django.middleware.csrf.CsrfViewMiddleware',
> 'django.contrib.auth.middleware.AuthenticationMiddleware',
> 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
> 'django.contrib.messages.middleware.MessageMiddleware',
> 'django.middleware.clickjacking.XFrameOptionsMiddleware',
> #'django.middleware.security.SecurityMiddleware',
>  'django.middleware.csrf.CsrfViewMiddleware',
> )
>
> 2. base.py
>
>  "/menu/">
> {% csrf_token %}
>
> 
>  placeholder="Email address" type="text">
> 
> 
> 
>    placeholder="Password" type="text">
> 
> 
> 
>
> Log In
>
> 
>
>   
>
> 3. views.py
>
> def menu(request):
>
> return render_to_response('home/base_1.html', context_instance =
> RequestContext(request, {}) )
>
> 4. javascript for the function logIn() that is executed when the
> button is clicked from (2)
>
>
> function logIn ()
> {
> alert('Form has been submitted');
> document.getElementById('loginform').submit();
> }
>
> I am seriously bewildered and cannot understand why the base_1.html
> site is not being rendered and I am getting this CSRF error ! Please help
> me,
>
>
>
>
>
> --
 You received this message because you are subscribed to the Google
 Groups "Django users" group.
 To unsubscribe from this group and stop receiving emails from it, send
 an email to django-users+unsubscr...@googlegroups.com.
 To post to this group, send email to django-users@googlegroups.com.
 Visit this group at http://groups.google.com/group/django-users.
 To view this discussion on the web visit
 https://groups.google.com/d/msgid/django-users/14ec3bc1-c7ff-4d3e-8065-9eae959720fc%40googlegroups.com
 
 .

 For more options, visit https://groups.google.com/d/optout.

>>>
>>>
>>>
>>> --
>>> *monoBOT*
>>> Visite mi sitio(Visit my site): monobotsoft.es/blog/
>>>
>>> --
>>> You received this message because you are subscribed to a topic in the
>>> Google Groups "Django users" group.
>>> To unsubscribe from this topic, visit
>>> https://groups.google.com/d/topic/django-users/scpBffl8s3A/unsubscribe.
>>> To unsubscribe from this group and all its topics, send an email to
>>> django-users+unsubscr...@googlegroups.com.
>>> To post to this group, send email to django-users@googlegroups.com.
>>> Visit this group at http://groups.google.com/group/django-users.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/django-users/CA%2BxOsGCqOXSCs7dFDTNNfgEgKHk2vsbXNEmFN4LpkgNabgjVNA%40mail.gmail.com
>>> 
>>> .
>>>
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>
> --
> You received this message because you are 

Re: CSRF cookie not set issue

[Kevin Anyanwu]

Can anyone help ?

On Thu, Sep 10, 2015 at 8:34 PM, Kevin Anyanwu 
wrote:

> base_1.html
>
> 
> 
>   
> 
> 
> goals
> 
> 
>
> 
> 
> 
>
>   
>   
>
> 
> 
> Cirriculmn
> Notes
> Collaborte
> 
>
>
>   
>  charset="utf-8">
> 
> 
> 
>   
> 
>
> On Thu, Sep 10, 2015 at 8:49 AM, monoBOT  wrote:
>
>> show us the base_1.html
>>
>> 2015-09-10 16:18 GMT+01:00 :
>>
>>> By the way, I am using Django 1.8.3 (final)
>>>
>>>
>>> On Thursday, September 10, 2015 at 8:16:11 AM UTC-7,
>>> kany...@fonality.com wrote:

 First of all I have done my research and found no reasonable
 explanation for my issue. I have a site on heroku that works fine on the
 first page, but when I click a button that I have programmed to go to
 another page, I obtain the infamous CSRF error. The reason for this error
 is CSRF cookie is not set. Here is a description of the background work
 done on the dev side:

 1. Settings.py

 MIDDLEWARE_CLASSES = (
 'django.contrib.sessions.middleware.SessionMiddleware',
 'django.middleware.common.CommonMiddleware',
 'django.middleware.csrf.CsrfViewMiddleware',
 'django.contrib.auth.middleware.AuthenticationMiddleware',
 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
 'django.contrib.messages.middleware.MessageMiddleware',
 'django.middleware.clickjacking.XFrameOptionsMiddleware',
 #'django.middleware.security.SecurityMiddleware',
  'django.middleware.csrf.CsrfViewMiddleware',
 )

 2. base.py

 >>> "/menu/">
 {% csrf_token %}

 
 
 
 
 
   >>> placeholder="Password" type="text">
 
 
 

 Log In

 

   

 3. views.py

 def menu(request):

 return render_to_response('home/base_1.html', context_instance =
 RequestContext(request, {}) )

 4. javascript for the function logIn() that is executed when the button
 is clicked from (2)


 function logIn ()
 {
 alert('Form has been submitted');
 document.getElementById('loginform').submit();
 }

 I am seriously bewildered and cannot understand why the base_1.html
 site is not being rendered and I am getting this CSRF error ! Please help
 me,





 --
>>> You received this message because you are subscribed to the Google
>>> Groups "Django users" group.
>>> To unsubscribe from this group and stop receiving emails from it, send
>>> an email to django-users+unsubscr...@googlegroups.com.
>>> To post to this group, send email to django-users@googlegroups.com.
>>> Visit this group at http://groups.google.com/group/django-users.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/django-users/14ec3bc1-c7ff-4d3e-8065-9eae959720fc%40googlegroups.com
>>> 
>>> .
>>>
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>
>>
>> --
>> *monoBOT*
>> Visite mi sitio(Visit my site): monobotsoft.es/blog/
>>
>> --
>> You received this message because you are subscribed to a topic in the
>> Google Groups "Django users" group.
>> To unsubscribe from this topic, visit
>> https://groups.google.com/d/topic/django-users/scpBffl8s3A/unsubscribe.
>> To unsubscribe from this group and all its topics, send an email to
>> django-users+unsubscr...@googlegroups.com.
>> To post to this group, send email to django-users@googlegroups.com.
>> Visit this group at http://groups.google.com/group/django-users.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/django-users/CA%2BxOsGCqOXSCs7dFDTNNfgEgKHk2vsbXNEmFN4LpkgNabgjVNA%40mail.gmail.com
>> 
>> .
>>
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAE1x1E12Yg%3DJWs9Q1vgnVwgJkBLOxU9CKjij5POzQUXFERDkEw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: CSRF cookie not set issue

[Kevin Anyanwu]

base_1.html



  


goals







  
  



Cirriculmn
Notes
Collaborte



  




  


On Thu, Sep 10, 2015 at 8:49 AM, monoBOT  wrote:

> show us the base_1.html
>
> 2015-09-10 16:18 GMT+01:00 :
>
>> By the way, I am using Django 1.8.3 (final)
>>
>>
>> On Thursday, September 10, 2015 at 8:16:11 AM UTC-7, kany...@fonality.com
>> wrote:
>>>
>>> First of all I have done my research and found no reasonable explanation
>>> for my issue. I have a site on heroku that works fine on the first page,
>>> but when I click a button that I have programmed to go to another page, I
>>> obtain the infamous CSRF error. The reason for this error is CSRF cookie is
>>> not set. Here is a description of the background work done on the dev side:
>>>
>>> 1. Settings.py
>>>
>>> MIDDLEWARE_CLASSES = (
>>> 'django.contrib.sessions.middleware.SessionMiddleware',
>>> 'django.middleware.common.CommonMiddleware',
>>> 'django.middleware.csrf.CsrfViewMiddleware',
>>> 'django.contrib.auth.middleware.AuthenticationMiddleware',
>>> 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
>>> 'django.contrib.messages.middleware.MessageMiddleware',
>>> 'django.middleware.clickjacking.XFrameOptionsMiddleware',
>>> #'django.middleware.security.SecurityMiddleware',
>>>  'django.middleware.csrf.CsrfViewMiddleware',
>>> )
>>>
>>> 2. base.py
>>>
>>> 
>>> {% csrf_token %}
>>>
>>> 
>>> 
>>> 
>>> 
>>> 
>>>   >> placeholder="Password" type="text">
>>> 
>>> 
>>> 
>>>
>>> Log In
>>>
>>> 
>>>
>>>   
>>>
>>> 3. views.py
>>>
>>> def menu(request):
>>>
>>> return render_to_response('home/base_1.html', context_instance =
>>> RequestContext(request, {}) )
>>>
>>> 4. javascript for the function logIn() that is executed when the button
>>> is clicked from (2)
>>>
>>>
>>> function logIn ()
>>> {
>>> alert('Form has been submitted');
>>> document.getElementById('loginform').submit();
>>> }
>>>
>>> I am seriously bewildered and cannot understand why the base_1.html site
>>> is not being rendered and I am getting this CSRF error ! Please help me,
>>>
>>>
>>>
>>>
>>>
>>> --
>> You received this message because you are subscribed to the Google Groups
>> "Django users" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to django-users+unsubscr...@googlegroups.com.
>> To post to this group, send email to django-users@googlegroups.com.
>> Visit this group at http://groups.google.com/group/django-users.
>> To view this discussion on the web visit
>> https://groups.google.com/d/msgid/django-users/14ec3bc1-c7ff-4d3e-8065-9eae959720fc%40googlegroups.com
>> 
>> .
>>
>> For more options, visit https://groups.google.com/d/optout.
>>
>
>
>
> --
> *monoBOT*
> Visite mi sitio(Visit my site): monobotsoft.es/blog/
>
> --
> You received this message because you are subscribed to a topic in the
> Google Groups "Django users" group.
> To unsubscribe from this topic, visit
> https://groups.google.com/d/topic/django-users/scpBffl8s3A/unsubscribe.
> To unsubscribe from this group and all its topics, send an email to
> django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/CA%2BxOsGCqOXSCs7dFDTNNfgEgKHk2vsbXNEmFN4LpkgNabgjVNA%40mail.gmail.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CAE1x1E1GHk135fGwxVG8e6Gk6EqD51Jv_JsEexE-7r0HuPhkTA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: CSRF cookie not set issue

[monoBOT]

show us the base_1.html

2015-09-10 16:18 GMT+01:00 :

> By the way, I am using Django 1.8.3 (final)
>
>
> On Thursday, September 10, 2015 at 8:16:11 AM UTC-7, kany...@fonality.com
> wrote:
>>
>> First of all I have done my research and found no reasonable explanation
>> for my issue. I have a site on heroku that works fine on the first page,
>> but when I click a button that I have programmed to go to another page, I
>> obtain the infamous CSRF error. The reason for this error is CSRF cookie is
>> not set. Here is a description of the background work done on the dev side:
>>
>> 1. Settings.py
>>
>> MIDDLEWARE_CLASSES = (
>> 'django.contrib.sessions.middleware.SessionMiddleware',
>> 'django.middleware.common.CommonMiddleware',
>> 'django.middleware.csrf.CsrfViewMiddleware',
>> 'django.contrib.auth.middleware.AuthenticationMiddleware',
>> 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
>> 'django.contrib.messages.middleware.MessageMiddleware',
>> 'django.middleware.clickjacking.XFrameOptionsMiddleware',
>> #'django.middleware.security.SecurityMiddleware',
>>  'django.middleware.csrf.CsrfViewMiddleware',
>> )
>>
>> 2. base.py
>>
>> 
>> {% csrf_token %}
>>
>> 
>> 
>> 
>> 
>> 
>>   > placeholder="Password" type="text">
>> 
>> 
>> 
>>
>> > type="button" onClick ="logIn();">Log In
>>
>> 
>>
>>   
>>
>> 3. views.py
>>
>> def menu(request):
>>
>> return render_to_response('home/base_1.html', context_instance =
>> RequestContext(request, {}) )
>>
>> 4. javascript for the function logIn() that is executed when the button
>> is clicked from (2)
>>
>>
>> function logIn ()
>> {
>> alert('Form has been submitted');
>> document.getElementById('loginform').submit();
>> }
>>
>> I am seriously bewildered and cannot understand why the base_1.html site
>> is not being rendered and I am getting this CSRF error ! Please help me,
>>
>>
>>
>>
>>
>> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to django-users+unsubscr...@googlegroups.com.
> To post to this group, send email to django-users@googlegroups.com.
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/14ec3bc1-c7ff-4d3e-8065-9eae959720fc%40googlegroups.com
> 
> .
>
> For more options, visit https://groups.google.com/d/optout.
>



-- 
*monoBOT*
Visite mi sitio(Visit my site): monobotsoft.es/blog/

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2BxOsGCqOXSCs7dFDTNNfgEgKHk2vsbXNEmFN4LpkgNabgjVNA%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Re: CSRF cookie not set issue

[kanyanwu]

By the way, I am using Django 1.8.3 (final)

On Thursday, September 10, 2015 at 8:16:11 AM UTC-7, kany...@fonality.com 
wrote:
>
> First of all I have done my research and found no reasonable explanation 
> for my issue. I have a site on heroku that works fine on the first page, 
> but when I click a button that I have programmed to go to another page, I 
> obtain the infamous CSRF error. The reason for this error is CSRF cookie is 
> not set. Here is a description of the background work done on the dev side:
>
> 1. Settings.py
>
> MIDDLEWARE_CLASSES = (
> 'django.contrib.sessions.middleware.SessionMiddleware',
> 'django.middleware.common.CommonMiddleware',
> 'django.middleware.csrf.CsrfViewMiddleware',
> 'django.contrib.auth.middleware.AuthenticationMiddleware',
> 'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
> 'django.contrib.messages.middleware.MessageMiddleware',
> 'django.middleware.clickjacking.XFrameOptionsMiddleware',
> #'django.middleware.security.SecurityMiddleware',
>  'django.middleware.csrf.CsrfViewMiddleware',
> )
>
> 2. base.py
>
>  
> {% csrf_token %}
>
> 
>   
> 
> 
> 
>placeholder="Password" type="text">
>
> 
>
>
>  type="button" onClick ="logIn();">Log In
>
> 
>
>   
>
> 3. views.py
>
> def menu(request):
>
> return render_to_response('home/base_1.html', context_instance = 
> RequestContext(request, {}) )
>
> 4. javascript for the function logIn() that is executed when the button is 
> clicked from (2)
>
>
> function logIn ()
> {
> alert('Form has been submitted');
> document.getElementById('loginform').submit();
> }
>
> I am seriously bewildered and cannot understand why the base_1.html site 
> is not being rendered and I am getting this CSRF error ! Please help me,
>
>
>
>
>
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/14ec3bc1-c7ff-4d3e-8065-9eae959720fc%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.