On Monday, June 25, 2012 3:12:44 PM UTC+2, Kurtis wrote:
>
> > POST:<QueryDict: {u'{"user":"test_user","password":"test_password"}':
>> > [u'']}>,
>>
>> Wait a second...
>> Where's your csrfmiddlewaretoken from the {% csrf_token %} field that
>> you put in your form?
>>
>> This is the process:
>> - the cookie token is basically a lock
>> - the POST request resembles trying to open the door with that lock
>> - the formfield token is a key
>>
>> No key, no open door.
>> Wrong key, no open door.
>
>
> +1
> Looks like your CSRF Token is missing from the POST data.
>
The csrf token is supposed to be part of the POST data (i.e. the message
body)? I thought it only needed to be in the header. Aha! I will check
the django docs on this.
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To view this discussion on the web visit
https://groups.google.com/d/msg/django-users/-/exrdEKHy98IJ.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
django-users+unsubscr...@googlegroups.com.
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
