Dear All

I'm developing a django site that I'd like to be accessible from mobile devices. The site is behaving as expecting with desktop browsers (Chrome, Firefox, Safari) and with iPhone and BlackBerry browsers. The Android browser is behaving strangely.

Symptom:

The site has a very simple login page containing a form with username, password and the {% csrf_token %} tag. When trying to login from the Android phone browser, the page returns the "CRSF verification failed" error page (django running debug=True for the moment). However, the user has been logged in: on reloading the page, I get the page I was expecting, along with the user details.

So:

  1. http://eg.com/login/ # ok, enter username "tu01", password, send
  2. http://eg.com/profile/ # error: csrf verification failed, reload
  3. http://eg.com/profile/ # ok, "tu01"'s homepage

Context:

  • I've tried this with django 1.2.7 and django 1.3;
  • The site is running on webfaction;
  • I've tested with another django site, running on a "real" server (physical machine with centos, nginx, etc), with similar login/csrf, and the Android browser works properly.

I can't think what can be the problem. Has anyone else had similar experiences with django's csrf protection, the Android browser and/or webfaction? Can anyone offer any clues?

With thanks and best wishes

Ivan

asked 20 Oct '11, 05:32

ivan_llaisdy's gravatar image

ivan_llaisdy
11
accept rate: 0%

Does this only happen with the stock browser for Android or with other third-party browsers like Dolphin too?

(20 Oct '11, 21:56) neeravk neeravk's gravatar image

Dear neeravk,

Thank you for your comment. That's a good question ...

Ha! I installed Opera Mini and the site works fine! The error effect only happens with the stock browser!

Thanks very much. Do you know what is up with the stock Android browser? Is it based on an old version of IE? Eventually I'm going to have to cope with it.

Best wishes

Ivan

link

answered 21 Oct '11, 03:09

ivan_llaisdy's gravatar image

ivan_llaisdy
11
accept rate: 0%

Hi Ivan,

Both Froyo and Honeycomb versions use the WebKit engine for their browser, so it's probably a bug.

You could search here if such a bug exists and if not, you could as well report it.

(21 Oct '11, 03:29) iliasr ♦♦ iliasr's gravatar image

I am not sure if Opera Mini can be compared with Android browser since Opera Mini renders the page on Opera servers before sending to the phone as far as I know while Android browser renders it on the phone itself.

Can you tell us what version of Android you are using?

As Ilias stated above, reporting it to the Android bug tracker seems like the best option

(21 Oct '11, 03:38) neeravk neeravk's gravatar image

Can you also check if the Android browser is actually setting the csrftoken cookie or not?

(21 Oct '11, 03:47) neeravk neeravk's gravatar image

Dear All, thanks for your comments. I have to go offline for a few days. I'll respond properly on Tuesday. Best wishes, Ivan

link

answered 21 Oct '11, 15:31

ivan_llaisdy's gravatar image

ivan_llaisdy
11
accept rate: 0%

Dear iliasr, neeravk,

Thanks for your help. For now, I've decided to concentrate on the iPhone client, as the webview behaves itself and other parts of development are smoother as well. If/when I come back and solve this I'll post a summary here.

Best wishes

Ivan

link

answered 25 Oct '11, 08:28

ivan_llaisdy's gravatar image

ivan_llaisdy
11
accept rate: 0%

Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "Title")
  • image?![alt text](/path/img.jpg "Title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Tags:

×742
×85
×5
×2

Asked: 20 Oct '11, 05:32

Seen: 1,510 times

Last updated: 25 Oct '11, 08:28

Plans & prices    Sign up    Why WebFaction?    Contact us    Affiliate program    Support    Legal    Jobs    Blog    Control panel login
Powered by OSQA
© Copyright 2003-2012 Swarma Limited - WebFaction is a service of Swarma Limited