Yes, I've added the token in the cookie. Yes, I've added the cookie in the form post variable. Yes, I've added as a GET post variable. Yes, I've tried adding as a POST variable. Yes, I've set it to what the server sends back. Yes, I've set it to what the server-side sends back as a Cookie.
... none of it works. On Sunday, June 15, 2014 1:03:06 PM UTC-4, Renato Oliveira wrote: > > Since you've been trying for so long, may be a obvious answer, but have > you tried with this? > > https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ajax > > Renato Oliveira > @_renatooliveira <http://twitter.com/_renatooliveira> > Labcodes - www.labcodes.com.br > > > > On Sun, Jun 15, 2014 at 11:38 AM, Jesse Warden <jesse....@gmail.com > <javascript:>> wrote: > >> I've read the stack overflow posts, blog articles on how CSRF works, etc, >> but still failing to get this to work in both JavaScript and Dart. No >> matter what I try, I keep getting a 403 for my login method. I've attempted >> various Apache/Virtual Host programs for Mac to run a local domain in hopes >> it was just a localhost or browser security problem, all to no avail. I >> used to be able to disable web security on Chrome, but that doesn't seem to >> work anymore. >> >> Client Code: >> >> https://github.com/JesterXL/workoutlogger/blob/master/client/WorkoutLoggerDartAngular2/web/com/jessewarden/workoutlogger/login/GetTokenService.dart >> >> >> https://github.com/JesterXL/workoutlogger/blob/master/client/WorkoutLoggerDartAngular2/web/com/jessewarden/workoutlogger/login/LoginService.dart >> >> Server Code: >> >> https://github.com/JesterXL/workoutlogger/blob/master/server/workoutlogger/workoutapi/views.py >> >> HTTP Responses: >> https://gist.github.com/JesterXL/b7fb18f30e80e0156c98 >> https://gist.github.com/JesterXL/9c148016911622dfee66 >> https://gist.github.com/JesterXL/8cfd28edf6aebfe1afd4 >> >> Thanks if you can help! >> >> -- >> You received this message because you are subscribed to the Google Groups >> "Django users" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to django-users...@googlegroups.com <javascript:>. >> To post to this group, send email to django...@googlegroups.com >> <javascript:>. >> Visit this group at http://groups.google.com/group/django-users. >> To view this discussion on the web visit >> https://groups.google.com/d/msgid/django-users/8aa70895-afc4-41f7-865b-46fba033fff1%40googlegroups.com >> >> <https://groups.google.com/d/msgid/django-users/8aa70895-afc4-41f7-865b-46fba033fff1%40googlegroups.com?utm_medium=email&utm_source=footer> >> . >> For more options, visit https://groups.google.com/d/optout. >> > > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/cad2f35a-3010-4843-be5a-0b0b07a91a03%40googlegroups.com. For more options, visit https://groups.google.com/d/optout.
