On Tuesday, 13 November 2012 08:05:28 UTC, Nebros wrote: > <snip> > Forbidden (403)--------------------------------- > > CSRF verification failed. Request aborted. > Help > > Reason given for failure: > > CSRF cookie not set. > > > In general, this can occur when there is a genuine Cross Site Request > Forgery, or when *Django's CSRF > mechanism*<http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ref-contrib-csrf>has > not been used correctly. For POST forms, you need to ensure: > > - Your browser is accepting cookies. > - The view function uses > *RequestContext*<http://docs.djangoproject.com/en/dev/ref/templates/api/#subclassing-context-requestcontext>for > the template, instead of > Context. > - In the template, there is a {% csrf_token %} template tag inside > each POST form that targets an internal URL. > - If you are not using CsrfViewMiddleware, then you must use > csrf_protect on any views that use the csrf_token template tag, as > well as those that accept the POST data. > > You're seeing the help section of this page because you have DEBUG = Truein > your Django settings file. Change that to > False, and only the initial error message will be displayed. > > You can customize this page using the CSRF_FAILURE_VIEW setting. > > I don't really know how this error message could be clearer. Point 2 clearly explains what is wrong in your case, complete with a link to the documentation explaining how to fix it. -- DR.
-- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/coYceYRLbl0J. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
