In the rendered version sent to the browser, are you able to validate that
the CSRF token is actually being created and inserted as a hidden element
in your form?

Also, it doesn't look like any of your buttons are marked as type=submit.
Not sure if that matters when submitting via JS though.

-James
On Sep 11, 2015 7:56 PM, "Kevin Anyanwu" <[email protected]> wrote:

> Can anyone help ?
>
> On Thu, Sep 10, 2015 at 8:34 PM, Kevin Anyanwu <[email protected]>
> wrote:
>
>> base_1.html
>>
>> <!DOCTYPE html>
>> <html lang="en">
>>   <head>
>>     <meta http-equiv="content-type" content="text/html; charset=UTF-8">
>>     <meta charset="utf-8">
>>     <title>goals</title>
>>     <meta name="generator" content="Bootply" />
>>     <meta name="viewport" content="width=device-width, initial-scale=1,
>> maximum-scale=1">
>>
>>     <!--[if lt IE 9]>
>>       <script src="//html5shim.googlecode.com/svn/trunk/html5.js
>> "></script>
>>     <![endif]-->
>>         <!-- Custom CSS -->
>>     <link href="../../static/css/app.css" rel="stylesheet">
>>
>>   </head>
>>   <body>
>>
>> <div id="menu" class="default">
>> <ul>
>> <li><a href="#">Cirriculmn</a></li>
>> <li><a href="#">Notes</a></li>
>> <li><a href="#">Collaborte</a></li>
>> </div>
>>
>>
>>   <!-- script references -->
>>     <script type="text/javascript" src="jquery.min.js"
>> charset="utf-8"></script>
>>     <script src="//
>> ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js"></script>
>>     <script src="../../static/assets/js/bootstrap.min.js"></script>
>>     <script src="../../static/assets/js/menubar.js"></script>
>>   </body>
>> </html>
>>
>> On Thu, Sep 10, 2015 at 8:49 AM, monoBOT <[email protected]> wrote:
>>
>>> show us the base_1.html
>>>
>>> 2015-09-10 16:18 GMT+01:00 <[email protected]>:
>>>
>>>> By the way, I am using Django 1.8.3 (final)
>>>>
>>>>
>>>> On Thursday, September 10, 2015 at 8:16:11 AM UTC-7,
>>>> [email protected] wrote:
>>>>>
>>>>> First of all I have done my research and found no reasonable
>>>>> explanation for my issue. I have a site on heroku that works fine on the
>>>>> first page, but when I click a button that I have programmed to go to
>>>>> another page, I obtain the infamous CSRF error. The reason for this error
>>>>> is CSRF cookie is not set. Here is a description of the background work
>>>>> done on the dev side:
>>>>>
>>>>> 1. Settings.py
>>>>>
>>>>> MIDDLEWARE_CLASSES = (
>>>>>     'django.contrib.sessions.middleware.SessionMiddleware',
>>>>>     'django.middleware.common.CommonMiddleware',
>>>>>     'django.middleware.csrf.CsrfViewMiddleware',
>>>>>     'django.contrib.auth.middleware.AuthenticationMiddleware',
>>>>>     'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
>>>>>     'django.contrib.messages.middleware.MessageMiddleware',
>>>>>     'django.middleware.clickjacking.XFrameOptionsMiddleware',
>>>>>     #'django.middleware.security.SecurityMiddleware',
>>>>>      'django.middleware.csrf.CsrfViewMiddleware',
>>>>> )
>>>>>
>>>>> 2. base.py
>>>>>
>>>>> <form class="col-lg-12" method = "post" id="loginform" action=
>>>>> "/menu/">
>>>>>             {% csrf_token %}
>>>>>
>>>>>             <div class="input-group" style="width:
>>>>> 65%;0px;text-align:center;margin:0 auto;">
>>>>>             <input class="form-control input-lg" title="Don't worry.
>>>>> We hate spam, and will not share your email with anyone."
>>>>> placeholder="Email address" type="text">
>>>>>             </div>
>>>>>             <br>
>>>>>             <div class="input-group" style="width:
>>>>> 65%;0px;text-align:center;margin:0 auto;">
>>>>>               <input class="form-control input-lg" title="Don't worry.
>>>>> We hate spam, and will not share your email with anyone."
>>>>> placeholder="Password" type="text">
>>>>>             </div>
>>>>>             <br>
>>>>>             <br>
>>>>>
>>>>>             <button class="btn btn-lg btn-primary" style = "width:
>>>>> 100px" type="button" onClick ="logIn();">Log In</button>
>>>>>
>>>>>             <br><br>
>>>>>
>>>>>           </form>
>>>>>
>>>>> 3. views.py
>>>>>
>>>>> def menu(request):
>>>>>
>>>>>     return render_to_response('home/base_1.html', context_instance =
>>>>> RequestContext(request, {}) )
>>>>>
>>>>> 4. javascript for the function logIn() that is executed when the
>>>>> button is clicked from (2)
>>>>>
>>>>>
>>>>> function logIn ()
>>>>> {
>>>>>     alert('Form has been submitted');
>>>>>     document.getElementById('loginform').submit();
>>>>> }
>>>>>
>>>>> I am seriously bewildered and cannot understand why the base_1.html
>>>>> site is not being rendered and I am getting this CSRF error ! Please help
>>>>> me,
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>> You received this message because you are subscribed to the Google
>>>> Groups "Django users" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to [email protected].
>>>> To post to this group, send email to [email protected].
>>>> Visit this group at http://groups.google.com/group/django-users.
>>>> To view this discussion on the web visit
>>>> https://groups.google.com/d/msgid/django-users/14ec3bc1-c7ff-4d3e-8065-9eae959720fc%40googlegroups.com
>>>> <https://groups.google.com/d/msgid/django-users/14ec3bc1-c7ff-4d3e-8065-9eae959720fc%40googlegroups.com?utm_medium=email&utm_source=footer>
>>>> .
>>>>
>>>> For more options, visit https://groups.google.com/d/optout.
>>>>
>>>
>>>
>>>
>>> --
>>> *monoBOT*
>>> Visite mi sitio(Visit my site): monobotsoft.es/blog/
>>>
>>> --
>>> You received this message because you are subscribed to a topic in the
>>> Google Groups "Django users" group.
>>> To unsubscribe from this topic, visit
>>> https://groups.google.com/d/topic/django-users/scpBffl8s3A/unsubscribe.
>>> To unsubscribe from this group and all its topics, send an email to
>>> [email protected].
>>> To post to this group, send email to [email protected].
>>> Visit this group at http://groups.google.com/group/django-users.
>>> To view this discussion on the web visit
>>> https://groups.google.com/d/msgid/django-users/CA%2BxOsGCqOXSCs7dFDTNNfgEgKHk2vsbXNEmFN4LpkgNabgjVNA%40mail.gmail.com
>>> <https://groups.google.com/d/msgid/django-users/CA%2BxOsGCqOXSCs7dFDTNNfgEgKHk2vsbXNEmFN4LpkgNabgjVNA%40mail.gmail.com?utm_medium=email&utm_source=footer>
>>> .
>>>
>>> For more options, visit https://groups.google.com/d/optout.
>>>
>>
>>
> --
> You received this message because you are subscribed to the Google Groups
> "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an
> email to [email protected].
> To post to this group, send email to [email protected].
> Visit this group at http://groups.google.com/group/django-users.
> To view this discussion on the web visit
> https://groups.google.com/d/msgid/django-users/CAE1x1E12Yg%3DJWs9Q1vgnVwgJkBLOxU9CKjij5POzQUXFERDkEw%40mail.gmail.com
> <https://groups.google.com/d/msgid/django-users/CAE1x1E12Yg%3DJWs9Q1vgnVwgJkBLOxU9CKjij5POzQUXFERDkEw%40mail.gmail.com?utm_medium=email&utm_source=footer>
> .
> For more options, visit https://groups.google.com/d/optout.
>

-- 
You received this message because you are subscribed to the Google Groups 
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email 
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit 
https://groups.google.com/d/msgid/django-users/CA%2Be%2BciWEmRN91O7kL3E2zXZy8Tr3WrsNCFAucODvVssb1gyTZw%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.

Reply via email to