Re: CSRF Issue

On Thursday, 14 June 2012 08:46:24 UTC+1, cmac0tt wrote:

I feel like an idiot here, I've worked my way around this multiple times but its just not working this time and as you can see ive thrown every method there is in the documentation at it.

(note that I am learning python and django right now on the fly) however here is my views, the form with the token, and my models (threw in the middleware settings from my settings.py and my urls just in case. Let me know if you need anything else. Remember, just learning here, and learning by converting a walkthrough presentation of building a wiki on pre 0.96 on 1.4 so I've had to learn a lot of changes etc. Its helping, mind you, this one step is getting frustrating now after two nights of it.

http://dpaste.org/X1Xoh/

let me know if you have any ideas, and remember, I'm not big on the snake talk just yet.

Thanks.

You *do* seem to have thrown every method in.

Firstly, you don't need the @csrf_protect decorator, or all that stuff with c.update(csrf(request)) - the second especially as you're then not doing anything with `c`! The point of that is if you're not using a context processor, you should then pass `c` as the basis for the template context, because it already contains the csrf token. But you're just throwing it away.

So, remove those two things. Also, take out those cache_pages - you most *definitely* do not want to cache the edit or save pages. Now see if it's any better, and report back what happens.

--

DR.

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/e2DRkVBojkgJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.