Maybe decorate the view with @csrf_extempt and test it
like this:
---views.py---
from django.core.context_processors import csrf
from django.views.decorators.csrf import csrf_exempt
@csrf_exempt
def contact(request):
form = ContactForm()
...some wicked logic here ...
return
I tried the following:
1. Change everything to use POST
2. Do
$ curl -d
"name=Bob=926ab8c4fca858fdf0c441784687d402"
http://localhost:8000/demo/test/
But I'm still getting the same CSRF error. Not sure why.
Also, the token seems to stay the same after restarting the server. Is
this
That's what I'm looking for.
Thanks :)
On Jan 20, 4:32 pm, Russell Keith-Magee
wrote:
> On Fri, Jan 21, 2011 at 4:40 AM, scabbage wrote:
> > How do I include CSRF token in a curl request then? I use curl for
> > debugging. Cannot seem to find any
On Fri, Jan 21, 2011 at 4:40 AM, scabbage wrote:
> How do I include CSRF token in a curl request then? I use curl for
> debugging. Cannot seem to find any info on Google :(
The CSRF token is just a hidden field on your form. When you render
your template, the CSRF token will
How do I include CSRF token in a curl request then? I use curl for
debugging. Cannot seem to find any info on Google :(
On Jan 20, 5:11 am, Russell Keith-Magee
wrote:
> On Thu, Jan 20, 2011 at 8:57 PM, Shawn Milochik wrote:
>
> > On Jan 19, 2011, at
On Thu, Jan 20, 2011 at 8:57 PM, Shawn Milochik wrote:
>
> On Jan 19, 2011, at 8:01 PM, scabbage wrote:
>
>> Is there a way to completely disable CSRF handling?
>
> Sure, just remove the CSRF middleware from your settings.py.
While this advice is 100% accurate, I'd would
On Jan 19, 2011, at 8:01 PM, scabbage wrote:
> Is there a way to completely disable CSRF handling?
Sure, just remove the CSRF middleware from your settings.py.
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send
On Wednesday, January 19, 2011 11:07:04 PM UTC, scabbage wrote:
>
> How do I add CSRF token to curl then?
>
> What if I wanna expose my views as web services without providing a
> UI, how do I make sure clients (e.g. Ajax, actionscript, etc) can use
> it without this CSRF issue?
>
>
> Thanks.
maybe use something like piston
https://bitbucket.org/jespern/django-piston/wiki/Home
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email
Is there a way to completely disable CSRF handling?
Is there an documentation about how to create web services APIs using
Django without frontends?
Thanks.
On Jan 19, 3:26 pm, Andy McKay wrote:
> > What if I wanna expose my views as web services without providing a
> > UI,
> What if I wanna expose my views as web services without providing a
> UI, how do I make sure clients (e.g. Ajax, actionscript, etc) can use
> it without this CSRF issue?
You can mark things as exempt if you'd like to and are aware of the
implications:
How do I add CSRF token to curl then?
What if I wanna expose my views as web services without providing a
UI, how do I make sure clients (e.g. Ajax, actionscript, etc) can use
it without this CSRF issue?
Thanks.
On Jan 19, 4:14 am, Jirka Vejrazka wrote:
> > However,
curl -d "name=Bob" -G http://localhost:8000/demo/test
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to django-users@googlegroups.com.
To unsubscribe from this group, send email to
-d flag sends the specified data in a POST request to the HTTP server, since
you don't supply CSRF token, Django assumes the post is malicious.
See more http://docs.djangoproject.com/en/dev/ref/contrib/csrf/?from=olddocs
--
You received this message because you are subscribed to the Google
> However, when I tried this:
>
> $ curl -d "name=Bob" http://localhost:8000/demo/test
curl -d sends data using POST method, not GET method (see curl
documentation). Django expects CSRF token in all POST requests, check
http://docs.djangoproject.com/en/dev/ref/contrib/csrf/
HTH
I'm new to Django. I have installed the latest Django and completed
the four-page tutorial. I created a very simple view as below:
from django.http import HttpResponse
def test(request):
return HttpResponse('My name is ' + request.GET['name'])
I'm able to navigate to
16 matches
Mail list logo