On Sat, 22 Oct 2011 20:32:02 +0100 Kayode Odeyemi <drey...@gmail.com> wrote: > On Sat, Oct 22, 2011 at 9:40 PM, <web2.0+goo...@pronweb.de> wrote: > > Drupal cannot know about the CSRF token it has to send. > > > > You'd need to disable the CSRF-Check for that view. > > You can use the csrf_exempt decorator for example, found in the > > django.views.decorators.csrf module. > > > Cool! Worked like a charm. I wish I could have csrf turned on for > this though.
Well, you can always implement your own CSRF checks. But what you're doing (POST from a drupal application to django) *is* in fact a CSR, so you cannot use the default protection without additional hacking. Regards, ch3ka -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
