Hi,
> At the point the first AJAX request is sent, the user doesn't have a validCSRF
> token yet, since the user hasn't visited a Django page yet. .That's why a GET
> may be preferable here.
You could send the csrf token with the 1st page request via set-
cookie:
from django.middleware.csrf import get_token
def index(request):
""" A function to render the home page
"""
# Any page that is not login required but that can
# send a dajax request to log in needs to have a csrf cookie sent
to it.
get_token(request)
# Return rendered HTML
return render_to_response('index.html', RequestContext(request))
# end def
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en.
