CSRF Forbbiden 403

Navigation
1

index.html: 

  {% if user.is_authenticated %}
  you are logged in!
  {% else %}
  <h3>Login</h3>
  <form action="/login" method="post" accept-charset="utf-8">
    {% csrf_token %}
  <label for="username">Username</label><input type="text" name="username" value="" id="username" />
  <label for="password">Password</label><input type="password" name="password" value="" id="password" />
  <p><input type="submit" value="Login →"></p>
  </form>
  {% endif %}

views.py: 

def main(request):

    respuesta=""
    salida=""
    lista=Hotel.objects.all()

    listauser=Users.objects.all()

    if len(lista) == 0:
        print("Parsing....")
        theParser = make_parser()
        theHandler = myContentHandler()
        theParser.setContentHandler(theHandler)
        fil = urllib2.urlopen( 'http://www.esmadrid.com/opendata/alojamientos_v1_es.xml')
        theParser.parse(fil)

    template = get_template("index.html")
    if request.user.is_authenticated():

        return HttpResponse(template.render({'lista':lista[mini:maxi],'user':request.user.username,'listausers':listauser,'condicion':""}))
    else:
        return HttpResponse("Not logged in"+"<a href=login"+"> Log in</a>")

I get a CSRF Forbbiden bug, how can I fix it?

    
asked by Diego Payo Martinez 30.04.2016 в 11:53
source

1 answer

1

You have to validate the following points

  • Your browser accepts cookies
  • 'django.middleware.csrf.CsrfViewMiddleware' is included in your settings.py configuration file
  • Make sure you can pass the csrf token from django.core.context_processors.csrf to the context manager
    • answered by 30.04.2016 в 14:06
    Customize headers with IHttpActionResult? How to save and read directly on the scard