Re: 'CSRF verification failed." from django.contrib.comments. can you help solve it? django 1.3
It works now that I have fully uninstalled pybbm. Pybbm was incompatible with my app because it also extended the User object (something apparently you can only do once?) -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: 'CSRF verification failed." from django.contrib.comments. can you help solve it? django 1.3
On 30-6-2012 8:39, brycenesbitt wrote: > {% csrf_token %} > > I render my form with: > {% render_comment_form for entry %} You should verify if the generated html looks sane. If you need help with that, put it up on dpaste. > --- > I should note it did work when I first added it to the application. It > broke after I added pybbm. I've since removed pybbm (it is maintained and > broken), but comments > started getting csrf errors. Any chance pybbm started messing with the session storage backend and you haven't set it back correctly? Do any sessions work at all? -- Melvyn Sopacua -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: 'CSRF verification failed." from django.contrib.comments. can you help solve it? django 1.3
On Thursday, June 28, 2012 10:43:58 AM UTC-7, jonas wrote: > > After the starting form tag add {% csrf_token %} > I can't. It is rendered for me by {% render_comment_form for entry %} -- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/P_1zIG9fUC4J. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: 'CSRF verification failed." from django.contrib.comments. can you help solve it? django 1.3
The "security_hash" field that you see is part of the comments app, and is > not the CSRF token. That needs to be output by a {% csrf_token %} tag (or > its equivalent). If it's working, you should see another hidden input > field, which looks like this: > > > value="36d43c1652d5676d6d411950e077eeaa1cc1f799"/> > > > The comments app normally does that automatically -- it's part of > django/contrib/comments/templates/form.html -- Are you overriding the > comment form in your own app? If so, you need to include the call to {% > csrf_token %} yourself. > I am not overriding, at least not deliberately. django/contrib/comments/templates/form.html has: {% load comments i18n %} {% csrf_token %} I render my form with: {% render_comment_form for entry %} --- I should note it did work when I first added it to the application. It broke after I added pybbm. I've since removed pybbm (it is maintained and broken), but comments started getting csrf errors. -- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/pykynQInFVUJ. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: 'CSRF verification failed." from django.contrib.comments. can you help solve it? django 1.3
On Thu, Jun 28, 2012 at 9:14 AM, brycenesbittwrote: > I'm using django.contrib.comments and get 'CSRF token missing or > incorrect.' when previewing or submitting a comment. I have: ... The HTML looks like it has the csrf security_hash in the proper place: > > /> > > > ... The "security_hash" field that you see is part of the comments app, and is not the CSRF token. That needs to be output by a {% csrf_token %} tag (or its equivalent). If it's working, you should see another hidden input field, which looks like this: The comments app normally does that automatically -- it's part of django/contrib/comments/templates/form.html -- Are you overriding the comment form in your own app? If so, you need to include the call to {% csrf_token %} yourself. @csrf_protect #does not matter if this is here or not > No, if you have the CSRFViewMiddleware installed, then you don't need this line at all. -- Regards, Ian Clelland -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
Re: 'CSRF verification failed." from django.contrib.comments. can you help solve it? django 1.3
On do, jun 28, 2012 at 09:14:36 -0700, brycenesbitt wrote: > http://127.0.0.1:8000/comments/post/>" method="post"> >/> >id="id_timestamp" /> >value="6e85e1c846861c80575ce435b21a855706725b00" id="id_security_hash" > /> After the starting form tag add {% csrf_token %} More information about it: https://docs.djangoproject.com/en/dev/ref/contrib/csrf/ -- You received this message because you are subscribed to the Google Groups "Django users" group. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.
'CSRF verification failed." from django.contrib.comments. can you help solve it? django 1.3
I'm using django.contrib.comments and get 'CSRF token missing or incorrect.' when previewing or submitting a comment. I have: *MIDDLEWARE_CLASSES = (* *'django.middleware.csrf.CsrfViewMiddleware',* *'django.middleware.common.CommonMiddleware',* *'django.contrib.sessions.middleware.SessionMiddleware',* *'django.contrib.auth.middleware.AuthenticationMiddleware',* *'django.contrib.messages.middleware.MessageMiddleware',* *)* url(r'^comments/', include('django.contrib.comments.urls')), url(r'^entry/(?P\d+)/comment', 'rp2.views.entry_comment_add'), @csrf_protect #does not matter if this is here or not def entry_comment_add(request, pk): entry = models.Entry.objects.get(pk=pk) assert isinstance(entry, models.Entry) return render(request, 'entry_comment_popup.html', {'entry':entry}) {% extends 'head-plain.html' %} {% load comments %} {% block content %} {% render_comment_form for entry %} {% endblock %} The HTML looks like it has the csrf security_hash in the proper place: http://127.0.0.1:8000/comments/post/>" method="post"> ... I have read https://docs.djangoproject.com/en/dev/ref/contrib/comments/ -- You received this message because you are subscribed to the Google Groups "Django users" group. To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/TDG0eAHHlkkJ. To post to this group, send email to django-users@googlegroups.com. To unsubscribe from this group, send email to django-users+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-users?hl=en.