Hello Hendrik, Thank you for the explanation. It is *very* helpful!
voss On Monday, June 4, 2012 8:21:15 PM UTC-5, henzk wrote: > > Hi Voss, > > i forgot about django's CSRF protection. > You can use the csrf_exempt decorator on the view function to disable > django's CSRF protection - however, i wouldn't recommend that. > > There is a script at > https://docs.djangoproject.com/en/dev/ref/contrib/csrf/ > To use the script with dojo instead of jquery, you will need to adapt it a > little: > > -copy the getCookie function to your code > > then, every time you make a POST request to your application using > dojo.xhrPost, add this to the arguments object: > > headers: {'X-CSRFToken': getCookie('csrftoken')} > > If you are still getting HTTP 400 errors, verify that the request looks > sane in firebug and check that it contains a X_HTTP_REQUESTED_WITH header > set to XMLHttpRequest (but i am pretty sure dojo adds this one > automatically). > > hendrik > > Am Montag, 4. Juni 2012 18:33:21 UTC+2 schrieb voss: >> >> Hi Hendrik, >> >> I forgot to mention in my previous message that the debug shows the >> following: >> >> code 400, message Bad request syntax >> ("\x16\x03\x01\x00\x8b\x01\x00\x00\x87\x03\x01O\xcc\xd8\xc0\x18hZ\x7f\xa3h\xb9l\xaf\xdb\xfbp}(\xc1\xc6\xa5g\x18\xe5!\x87\xd4\xe2`_'\x90\x00\x00H\x00\xff\xc0") >> >> Thank you! >> >> voss >> >> >> >> On Saturday, June 2, 2012 8:46:38 AM UTC-5, henzk wrote: >>> >>> Hi, >>> >>> i haven't tested the code and never used dojo before, but sth. like >>> this should work: >>> >>> var source1 = new dojo.dnd.Source("itemListNode"); >>> var source2 = new dojo.dnd.Target("selectedListNode"); >>> dojo.connect( source1, "onDndDrop", >>> function(source, nodes, copy, target){ >>> //gather items and details >>> var details = []; >>> for( i=0; i < nodes.length; i++){ >>> var item = this.getItem(nodes[i].id); >>> details.push(item.data); >>> } >>> //send details to server via AJAX POST request >>> dojo.xhrPost({ >>> url: "/save_details/", >>> content: {details: JSON.stringify(details)}, >>> // The success handler >>> load: function(response) { >>> alert('ok'); >>> }, >>> // The error handler >>> error: function() { >>> alert("error"); >>> } >>> }); >>> }); >>> >>> Explanation: >>> >>> - changed 'item' to 'var item' ... without the 'var' item will be >>> global, which is probably not what you want. >>> - to get around making multiple requests to the server(one for each >>> dropped node), put the detail of each node in the details array. >>> - then json-encode and send this array to your django view (assumed to >>> be at '/save_details/') >>> - in the view, access the list as >>> json.loads(request.POST.get('details', '[]')) and place it into >>> request.session >>> >>> As mentioned, the code is completely untested. >>> >>> Good luck! >>> >>> Yours, >>> >>> Hendrik Speidel >>> >> -- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/oi4T4zIIEcsJ. To post to this group, send email to [email protected]. To unsubscribe from this group, send email to [email protected]. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
