Am Dienstag, 13. Mai 2014 16:48:57 UTC+2 schrieb Tom Evans:
>
> On Tue, May 13, 2014 at 2:49 PM, hinnack <[email protected]<javascript:>>
> wrote:
> > Hi,
> >
> > how can I turn off csrf completely - even in the admin interface?
> >
> > My base problem is, that with IE11 (and only IE11) I can not save any
> form
> > in the admin interface. I always get:
> >
> > CSRF verification failed. Request aborted
>
> That message comes from django.views.csrf.csrf_failure. This view is
> only called from the csrf middleware..
>
> >
> >
> > I have no csrf middleware set. What else must be done?
> >
>
> ... which suggests this is not true - re-check that you have actually
> removed it, go to a django shell, type these commands:
>
> from django.conf import settings
> settings.MIDDLEWARE_CLASSES
>
> is CsrfViewMiddleware listed there? If it isn't, have you tried
> turning it off and then on again?
>
> Cheers
>
> Tom
>
Thanks Tom,
but I definitely did that - here is the result:
('django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'schiwago.middleware.header.ResponseInjectHeader',
'schiwago.middleware.auth.BasicAuthMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.transaction.TransactionMiddleware')
What do you mean by turn on/off again? Enable the CsrfViewMiddleware again?
Why could that work? Will that manipulate the client or do any magic on the
server (something in tables)?
regards
Hinnack
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/43d938e4-e54e-45d3-bd6a-bb1a09a3c552%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
