Account Options

  1. Sign in
The old Google Groups will be going away soon, but your browser is incompatible with the new version.
Google Groups Home
« Groups Home
Django users
Home
+ new post
About this group
Join this group
Only Two Users Get : Forbidden (403) CSRF verification failed. Request aborted. Options
Options
There are currently too many topics in this group that display first. To make this topic appear first, remove this option from another topic.
There was an error processing your request. Please try again.
flag
   4 messages - Collapse all  -  Translate all to Translated (View all originals)
The group you are posting to is a Usenet group. Messages posted to this group will make your email address visible to anyone on the Internet.
Your reply message has not been sent.
Your post was successful
 
From:
To:
Cc:
Followup To:
Add Cc | Add Followup-to | Edit Subject
Subject:
Validation:
For verification purposes please type the characters you see in the picture below or the numbers you hear by clicking the accessibility icon. Listen and type the numbers you hear
 
Johan  
View profile  
 More options May 10 2012, 10:56 am
From: Johan <djjord...@gmail.com>
Date: Thu, 10 May 2012 07:56:13 -0700 (PDT)
Local: Thurs, May 10 2012 10:56 am
Subject: Only Two Users Get : Forbidden (403) CSRF verification failed. Request aborted. Options
Print | Individual message | Show original | Report this message | Find messages by this author
Hi

Does anybody maybee have some pointers for me? I have a site up and
running and it has worked perfectly for hundreds of users. Except that
today I got two users (from the same company, although others from the
same company has used it perfectly well) who are getting the [CSRF
verification failed] issue. I have looked in my access.log and it
seems like all the requests around the time of the failure is coming
from the same IP so I don't suspect a genuine CSRF. Also I know that
the coding is according to the documentation because so many others
has used this same form without any issues. Any help or hints would be
appreciated ....

Thanks


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Nikolas Stevenson-Molnar  
View profile  
 More options May 10 2012, 12:24 pm
From: Nikolas Stevenson-Molnar <nik.mol...@consbio.org>
Date: Thu, 10 May 2012 09:24:13 -0700
Local: Thurs, May 10 2012 12:24 pm
Subject: Re: Only Two Users Get : Forbidden (403) CSRF verification failed. Request aborted. Options
Print | Individual message | Show original | Report this message | Find messages by this author
Django uses cookies for CSRF. Is it possible these two users have
cookies disabled?
https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#how-it-works

_Nik

On 5/10/2012 7:56 AM, Johan wrote:


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Johan  
View profile  
 More options May 11 2012, 2:56 am
From: Johan <djjord...@gmail.com>
Date: Thu, 10 May 2012 23:56:50 -0700 (PDT)
Local: Fri, May 11 2012 2:56 am
Subject: Re: Only Two Users Get : Forbidden (403) CSRF verification failed. Request aborted. Options
Print | Individual message | Show original | Report this message | Find messages by this author

Hi thanks for the quick reply. After some more investigation I am quite
sure that this is exactly the issue. Thanks again for the quick reply. Now
to just find an elegant way to let the user know that they need to have
Cookies enabled to access my site :)


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
Sebastian Goll  
View profile  
 More options May 11 2012, 4:21 am
From: Sebastian Goll <sebastian.g...@gmx.de>
Date: Fri, 11 May 2012 10:21:58 +0200
Local: Fri, May 11 2012 4:21 am
Subject: Re: Only Two Users Get : Forbidden (403) CSRF verification failed. Request aborted. Options
Print | Individual message | Show original | Report this message | Find messages by this author
On Thu, 10 May 2012 23:56:50 -0700 (PDT)

Johan <djjord...@gmail.com> wrote:
> Hi thanks for the quick reply. After some more investigation I am quite
> sure that this is exactly the issue. Thanks again for the quick reply. Now
> to just find an elegant way to let the user know that they need to have
> Cookies enabled to access my site :)

You could specify the CSRF_FAILURE_VIEW setting in your settings.py to
point to a custom view that renders a simple template telling the user
that they need cookies enabled. For instance:

  # setting.spy

  CSRF_FAILURE_VIEW = 'app.views.csrf_failure'

  # app/views.py

  from django.shortcuts import render

  def csrf_failure(request, reason=None):
      # Use status code 403 Forbidden here.
      return render(request, 'csrf.html', status=403)

  # templates/csrf.html

  Some text explaining that cookies need to be enabled.

Best wishes,
Sebastian.


 
You must Sign in before you can post messages.
To post a message you must first join this group.
Please update your nickname on the subscription settings page before posting.
You do not have the permission required to post.
End of messages
« Back to Discussions « Newer topic     Older topic »

Create a group - Google Groups - Google Home - Terms of Service - Privacy Policy
©2013 Google