WebFaction
Community site: login faq

I am a complete Django newbie, so I followed the Webfaction Django tutorial found here: http://www.youtube.com/watch?v=YI_2l6rc5Kw

I have installed it at: http://eve-play.com

I managed to get everything working to the first user-screen but couldn't get anything working past that. When I try to submit anything, I just get the following error:

Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
    CSRF token missing or incorrect.

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:
The view function uses RequestContext for the template, instead of Context.
In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.

asked 19 Nov '10, 14:12

Alistair
26246
accept rate: 0%


A new feature was added to Django 1.2. Unfortunately, this feature is causing the problem you are experiencing. Django now has Cross Site Request Forgery protection built in, and it is automatically enabled in new projects. You can read more about it here:

http://docs.djangoproject.com/en/dev/ref/contrib/csrf/

If you do not want to enable CSRF, you should be able to disable it by removing django.middleware.csrf.CsrfViewMiddleware from MIDDLEWARE_CLASSES in your settings.py file.

permanent link

answered 19 Nov '10, 14:17

aaronh ♦♦
1.3k3
accept rate: 34%

edited 19 Nov '10, 14:18

The index.html template in the example uses a template variable instead of a template tag for the csrf_token:

replace {{ csrf_token }}
with    {% csrf_token %}

on line 7 in the index.html file and it seems to work fine.

permanent link

answered 22 Dec '10, 11:33

Howard
1
accept rate: 0%

i get the same error even after doing what you have mantioned above,. pls help me to solve

permanent link

answered 13 Nov '14, 08:32

kirthana
1
accept rate: 0%

Please open a support ticket so we can take a look your account directly.

(13 Nov '14, 15:18) bmeyer71 ♦♦
Your answer
toggle preview

Follow this question

By Email:

Once you sign in you will be able to subscribe for any updates here

By RSS:

Answers

Answers and Comments

Markdown Basics

  • *italic* or _italic_
  • **bold** or __bold__
  • link:[text](http://url.com/ "title")
  • image?![alt text](/path/img.jpg "title")
  • numbered list: 1. Foo 2. Bar
  • to add a line break simply add two spaces to where you would like the new line to be.
  • basic HTML tags are also supported

Question tags:

×909
×5
×4

question asked: 19 Nov '10, 14:12

question was seen: 12,276 times

last updated: 13 Nov '14, 15:18

WEBFACTION
REACH US
SUPPORT
AFFILIATE PROGRAM
LEGAL
© COPYRIGHT 2003-2019 SWARMA LIMITED - WEBFACTION IS A SERVICE OF SWARMA LIMITED
REGISTERED IN ENGLAND AND WALES 5729350 - VAT REGISTRATION NUMBER 877397162
5TH FLOOR, THE OLD VINYL FACTORY, HAYES, UB3 1HA, UNITED KINGDOM