Thanks.
I did both what you said (modified form to have csrf tag)
<form action="." method="post">{% csrf_token %}
and made sure the csrf includes were correct. I was missing one.
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.middleware.csrf.CsrfResponseMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
)
On Nov 4, 10:41 am, Russell Keith-Magee <russ...@keith-magee.com>
wrote:
> On Thu, Nov 4, 2010 at 10:32 PM, octopusgrabbus
>
>
>
> <old_road_f...@verizon.net> wrote:
> > I have a simple form:
>
> > {% extends "base.html" %}
> > {% block title %}Take Snapshot of Billing Reads{% endblock %}
> > {% block head %}Take Snapshot of Billing Read{% endblock %}
>
> > {% block content %}
> > {% if user.username %}
> > <br><br>
> > <form action="." method="post">
> > {{ form.as_p }}
> > <p><label for="Section Number">Section Number:</label>
> > <input id="cycle" type="text" name="cycle" maxlength="1"
> > size="1" /></p>
> > <input type="submit" value="Snap Read" />
> > </form>
> > {% else %}
> > <p>Please <a href="/login">log in</a>.</p>
> > {% endif %}
> > {% endblock %}
>
> > def read_snap(request):
> > if request.method == 'POST': # If the form has been submitted...
> > form = ReadSnapForm(request.POST)
> > if form.is_valid(): # All validation rules pass
> > # Process the data in form.cleaned_data
> > # ...
> > return HttpResponseRedirect('/read_snap/') # Redirect
> > after POST
> > else:
> > form = ReadSnapForm() # An unbound form
>
> > variables = RequestContext(request, {
> > 'form': form
> > })
>
> > return render_to_response('after_read_snap.html', variables)
>
> > But I keep getting a 403 regarding CRSF verification.
>
> > This is an internal web site, whose sophistication I intend to grow
> > over time, but right now, it will consist of simple forms that launch
> > Python programs.
>
> > What do I need to do to get around the CRSF error? I've tried using
> > Context instead of RequestContext, and then get the error that I need
> > to use RequestContext.
>
> When you get a 403 error, the error page lists 3 things you should try
> to fix the problem.
>
> The first suggestion is to use a RequestContext.
>
> The second suggestion is to ensure that "In the template, there is a
> {% csrf_token %} template tag inside each POST form that targets an
> internal URL."
>
> The template you've shown here doesn't contain a {% csrf_token %}. Add
> that, and your problem will go away.
>
> Yours,
> Russ Magee %-)
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-us...@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
