In the rendered version sent to the browser, are you able to validate that the CSRF token is actually being created and inserted as a hidden element in your form?
Also, it doesn't look like any of your buttons are marked as type=submit. Not sure if that matters when submitting via JS though. -James On Sep 11, 2015 7:56 PM, "Kevin Anyanwu" <[email protected]> wrote: > Can anyone help ? > > On Thu, Sep 10, 2015 at 8:34 PM, Kevin Anyanwu <[email protected]> > wrote: > >> base_1.html >> >> <!DOCTYPE html> >> <html lang="en"> >> <head> >> <meta http-equiv="content-type" content="text/html; charset=UTF-8"> >> <meta charset="utf-8"> >> <title>goals</title> >> <meta name="generator" content="Bootply" /> >> <meta name="viewport" content="width=device-width, initial-scale=1, >> maximum-scale=1"> >> >> <!--[if lt IE 9]> >> <script src="//html5shim.googlecode.com/svn/trunk/html5.js >> "></script> >> <![endif]--> >> <!-- Custom CSS --> >> <link href="../../static/css/app.css" rel="stylesheet"> >> >> </head> >> <body> >> >> <div id="menu" class="default"> >> <ul> >> <li><a href="#">Cirriculmn</a></li> >> <li><a href="#">Notes</a></li> >> <li><a href="#">Collaborte</a></li> >> </div> >> >> >> <!-- script references --> >> <script type="text/javascript" src="jquery.min.js" >> charset="utf-8"></script> >> <script src="// >> ajax.googleapis.com/ajax/libs/jquery/2.0.2/jquery.min.js"></script> >> <script src="../../static/assets/js/bootstrap.min.js"></script> >> <script src="../../static/assets/js/menubar.js"></script> >> </body> >> </html> >> >> On Thu, Sep 10, 2015 at 8:49 AM, monoBOT <[email protected]> wrote: >> >>> show us the base_1.html >>> >>> 2015-09-10 16:18 GMT+01:00 <[email protected]>: >>> >>>> By the way, I am using Django 1.8.3 (final) >>>> >>>> >>>> On Thursday, September 10, 2015 at 8:16:11 AM UTC-7, >>>> [email protected] wrote: >>>>> >>>>> First of all I have done my research and found no reasonable >>>>> explanation for my issue. I have a site on heroku that works fine on the >>>>> first page, but when I click a button that I have programmed to go to >>>>> another page, I obtain the infamous CSRF error. The reason for this error >>>>> is CSRF cookie is not set. Here is a description of the background work >>>>> done on the dev side: >>>>> >>>>> 1. Settings.py >>>>> >>>>> MIDDLEWARE_CLASSES = ( >>>>> 'django.contrib.sessions.middleware.SessionMiddleware', >>>>> 'django.middleware.common.CommonMiddleware', >>>>> 'django.middleware.csrf.CsrfViewMiddleware', >>>>> 'django.contrib.auth.middleware.AuthenticationMiddleware', >>>>> 'django.contrib.auth.middleware.SessionAuthenticationMiddleware', >>>>> 'django.contrib.messages.middleware.MessageMiddleware', >>>>> 'django.middleware.clickjacking.XFrameOptionsMiddleware', >>>>> #'django.middleware.security.SecurityMiddleware', >>>>> 'django.middleware.csrf.CsrfViewMiddleware', >>>>> ) >>>>> >>>>> 2. base.py >>>>> >>>>> <form class="col-lg-12" method = "post" id="loginform" action= >>>>> "/menu/"> >>>>> {% csrf_token %} >>>>> >>>>> <div class="input-group" style="width: >>>>> 65%;0px;text-align:center;margin:0 auto;"> >>>>> <input class="form-control input-lg" title="Don't worry. >>>>> We hate spam, and will not share your email with anyone." >>>>> placeholder="Email address" type="text"> >>>>> </div> >>>>> <br> >>>>> <div class="input-group" style="width: >>>>> 65%;0px;text-align:center;margin:0 auto;"> >>>>> <input class="form-control input-lg" title="Don't worry. >>>>> We hate spam, and will not share your email with anyone." >>>>> placeholder="Password" type="text"> >>>>> </div> >>>>> <br> >>>>> <br> >>>>> >>>>> <button class="btn btn-lg btn-primary" style = "width: >>>>> 100px" type="button" onClick ="logIn();">Log In</button> >>>>> >>>>> <br><br> >>>>> >>>>> </form> >>>>> >>>>> 3. views.py >>>>> >>>>> def menu(request): >>>>> >>>>> return render_to_response('home/base_1.html', context_instance = >>>>> RequestContext(request, {}) ) >>>>> >>>>> 4. javascript for the function logIn() that is executed when the >>>>> button is clicked from (2) >>>>> >>>>> >>>>> function logIn () >>>>> { >>>>> alert('Form has been submitted'); >>>>> document.getElementById('loginform').submit(); >>>>> } >>>>> >>>>> I am seriously bewildered and cannot understand why the base_1.html >>>>> site is not being rendered and I am getting this CSRF error ! Please help >>>>> me, >>>>> >>>>> >>>>> >>>>> >>>>> >>>>> -- >>>> You received this message because you are subscribed to the Google >>>> Groups "Django users" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To post to this group, send email to [email protected]. >>>> Visit this group at http://groups.google.com/group/django-users. >>>> To view this discussion on the web visit >>>> https://groups.google.com/d/msgid/django-users/14ec3bc1-c7ff-4d3e-8065-9eae959720fc%40googlegroups.com >>>> <https://groups.google.com/d/msgid/django-users/14ec3bc1-c7ff-4d3e-8065-9eae959720fc%40googlegroups.com?utm_medium=email&utm_source=footer> >>>> . >>>> >>>> For more options, visit https://groups.google.com/d/optout. >>>> >>> >>> >>> >>> -- >>> *monoBOT* >>> Visite mi sitio(Visit my site): monobotsoft.es/blog/ >>> >>> -- >>> You received this message because you are subscribed to a topic in the >>> Google Groups "Django users" group. >>> To unsubscribe from this topic, visit >>> https://groups.google.com/d/topic/django-users/scpBffl8s3A/unsubscribe. >>> To unsubscribe from this group and all its topics, send an email to >>> [email protected]. >>> To post to this group, send email to [email protected]. >>> Visit this group at http://groups.google.com/group/django-users. >>> To view this discussion on the web visit >>> https://groups.google.com/d/msgid/django-users/CA%2BxOsGCqOXSCs7dFDTNNfgEgKHk2vsbXNEmFN4LpkgNabgjVNA%40mail.gmail.com >>> <https://groups.google.com/d/msgid/django-users/CA%2BxOsGCqOXSCs7dFDTNNfgEgKHk2vsbXNEmFN4LpkgNabgjVNA%40mail.gmail.com?utm_medium=email&utm_source=footer> >>> . >>> >>> For more options, visit https://groups.google.com/d/optout. >>> >> >> > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to [email protected]. > To post to this group, send email to [email protected]. > Visit this group at http://groups.google.com/group/django-users. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/CAE1x1E12Yg%3DJWs9Q1vgnVwgJkBLOxU9CKjij5POzQUXFERDkEw%40mail.gmail.com > <https://groups.google.com/d/msgid/django-users/CAE1x1E12Yg%3DJWs9Q1vgnVwgJkBLOxU9CKjij5POzQUXFERDkEw%40mail.gmail.com?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CA%2Be%2BciWEmRN91O7kL3E2zXZy8Tr3WrsNCFAucODvVssb1gyTZw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.

