[Q: Basic] Strange behaviour after pressing on button


Stone

Oct 24, 2012, 9:31:16 AM
to Django users
My Django application is running on a real server (apache2-2.2.22).
The following is in urls.py:
(r'^configSave/$', configSave),

My HTML is below. After pressing configSave I receive an HTTP
403 error page.

The following is in view.py:

    import os
    import re

    from django.core.context_processors import csrf
    from django.shortcuts import render_to_response
    from django.template import Context, RequestContext

    # SSO_CONF (path of the configuration file) is defined elsewhere in the module.

    def configSave(request):
        configFile = {}
        if os.path.isfile(SSO_CONF):
            with open(SSO_CONF, "r") as f:
                for line in f:
                    line = line.strip()
                    if re.search('^#', line) is not None:
                        pass  # print 'This is the commentary'
                    else:
                        # print line
                        try:
                            # maxsplit=1 so that a value may itself contain '='
                            name, value = line.split('=', 1)
                            configFile[name] = value
                            print '<%s>%s</%s>' % (name, value, name)
                        except ValueError, err:
                            pass  # print 'This is empty row'
            configFile['SlaveDeactAppl'] = configFile['SlaveDeactAppl'].split(',')
            configFile['SlaveDeactScripts'] = configFile['SlaveDeactScripts'].split(',')
        c = Context({
            'config': configFile,
            'item': 2,
        })
        c.update(csrf(request))
        return render_to_response('config.html', c, context_instance=RequestContext(request))

By the way, how can I really quickly define a logging mechanism which can be
used for debugging?

Is my programming approach correct, or is there any other way to
react to the pressing of a button?

<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
{% extends "index.html" %}
{% block content %}
<html lang="en-US" xml:lang="en-US" xmlns="http://www.w3.org/1999/xhtml">
<script type="text/javascript">
top.helpID="SSO_config";
$(document).ready(function () {

    function sendAjax()
    {
        $(document).ajaxSend(function(event, xhr, settings) {
            function getCookie(name) {
                var cookieValue = null;
                if (document.cookie && document.cookie != '') {
                    var cookies = document.cookie.split(';');
                    for (var i = 0; i < cookies.length; i++) {
                        var cookie = jQuery.trim(cookies[i]);
                        if (cookie.substring(0, name.length + 1) == (name + '=')) {
                            cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
                            break;
                        }
                    }
                }
                return cookieValue;
            }
            function sameOrigin(url) {
                var host = document.location.host; // host + port
                var protocol = document.location.protocol;
                var sr_origin = '//' + host;
                var origin = protocol + sr_origin;
                // Allow absolute or scheme relative URLs to same origin
                return (url == origin || url.slice(0, origin.length + 1) == origin + '/') ||
                    (url == sr_origin || url.slice(0, sr_origin.length + 1) == sr_origin + '/') ||
                    !(/^(\/\/|http:|https:).*/.test(url));
            }
            function safeMethod(method) {
                return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
            }
            if (!safeMethod(settings.type) && sameOrigin(settings.url)) {
                xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken'));
            }
        });
    }

    $("#saveCfg").click(function(event){

        sendAjax();
        $.ajax({
            type: "POST",
            url: "/SSO/configSave/",
            dataType: "text",
            success: function(data) {
                alert(data);
            },
            error: function(xhr,ajaxOptions,thrownError) {
                alert(xhr.status +" "+xhr.statusText);
                alert(thrownError);
            }
        });
    });

});
</script>

<body class="bodyClass">
<table class="body_table">
<tr>
<th colspan="4" class="thead"><b>&nbsp;IP configuration</b></th>
</tr>
<tr>
<td>Master IP address</td>
<td>
<input id="mip" style="width: 100px;"
value="{{config.MasterIPAddress}}"/>
</td>
<td>Slave IP address</td>
<td>
<input id="sip" style="width: 100px;"
value="{{config.SlaveIPAddress}}"/>
</td>
</tr>
<tr>
<td>Master netmask</td>
<td>
<input id="mnetmask" style="width: 100px;"
value="{{config.MasterIPNetmask}}"/>
</td>
<td>Slave netmask</td>
<td>
<input id="snetmask" style="width: 100px;"
value="{{config.SlaveIPNetmask}}"/>
</td>
</tr>
<tr>
<td>Master broadcast</td>
<td>
<input id="mbroadcast" style="width: 100px;"
value="{{config.MasterIPBroadcast}}"/>
</td>
<td>Slave broadcast</td>
<td>
<input id="sbroadcast" style="width: 100px;"
value="{{config.SlaveIPBroadcast}}"/>
</td>
</tr>
<tr>
<td></td>
<td></td>
<td></td>
<td></td>
</tr>
<tr>
<td>Lancard name</td>
<td><span id="cardname"></span>{{config.LanCardName}}</td>
<td>MAC address</td>
<td><input id="cardmac" value="{{config.LanCardMAC}}"/></td>
</tr>
<tr>
<th colspan="4" class="thead"><b>&nbsp;Configuration parameters</b>
</th>
</tr>
<tr>
<td>Replication frequency</td>
<td>
<select id="freq">
<option {% if config.MasterBackupFrequency = "daily" %}
selected="selected"{% endif %}>daily</option>
<option {% if config.MasterBackupFrequency = "Monday" %}
selected="selected"{% endif %}>Monday</option>
<option {% if config.MasterBackupFrequency = "Thusday" %}
selected="selected"{% endif %}>Thusday</option>
<option {% if config.MasterBackupFrequency = "Wednesday" %}
selected="selected"{% endif %}>Wednesday</option>
<option {% if config.MasterBackupFrequency = "Thursday" %}
selected="selected"{% endif %}>Thursday</option>
<option {% if config.MasterBackupFrequency = "Friday" %}
selected="selected"{% endif %}>Friday</option>
<option {% if config.MasterBackupFrequency = "Saturday" %}
selected="selected"{% endif %}>Saturday</option>
<option {% if config.MasterBackupFrequency = "Sunday" %}
selected="selected"{% endif %}>Sunday</option>
</select>
</td>
<td>Replication time</td>
<td><input style="width: 40%;" id="backuptime"
value="{{config.MasterBackupStartTime}}"/></td>
</tr>
<tr>
<td valign="top">Slave deactivated application</td>
<td style="width: 20%;"><span id="appl">
{% for appl in config.SlaveDeactAppl %}
{{ appl }}<br>
{% endfor %}
</span></td>
<td valign="top">Slave deactivated scripts</td>
<td style="width: 20%;"><span id="scripts">
{% for appl in config.SlaveDeactScripts %}
{{ appl }}<br>
{% endfor %}
</span></td>
</tr>
<!-- <div id="buttonPanel" style="display: block;">
<button id="saveTime" class="submitButton ui-state-default ui-corner-all ui-priority-primary">Save replication parameters</button>
</div> -->
<tr>
<th colspan="4" class="thead"><b>&nbsp;Replication parameters</b>
</th>
</tr>
<tr>
<td>Replication enable</td>
<td><input type="checkbox" id="replEnable" {% if config.ReplicationEnable = "yes" %}checked="checked"{% endif %}/></td>
<td>Account used for replication</td>
<td>
<select id="account">
<option {% if config.ReplicationAccount = "engr" %}
selected="selected"{% endif %}>engr</option>
<option {% if config.ReplicationAccount = "root" %}
selected="selected"{% endif %}>root</option>
</select>
</td>
</tr>
<tr>
<td>ReplicationRetryInterval</td>
<td><span id="interval">{{config.ReplicationRetryInterval}}</span></td>
<td>ReplicationRetryCount</td>
<td><span id="count">{{config.ReplicationRetryCount}}</span></td>
</tr>
<tr valign="center" align="center" colspan="4">
<td colspan="4">
<input type="button" id="saveCfg" valign="center"
class="submitButton ui-state-default ui-corner-all ui-priority-primary"
onclick="javascript:location.href='/SSO/configSave/';"
style="width:200px;" value="Save complete settings"/>
</td>
</tr>
</table>
</body>
</html>
{% endblock %}

Nikolas Stevenson-Molnar

Oct 24, 2012, 12:53:09 PM
to django...@googlegroups.com
It's possible that the CSRF token isn't being sent correctly. As a test,
try adding the @csrf_exempt decorator to your view. If you no longer get
the 403, then it's a CSRF problem.

_Nik

Stone

Oct 25, 2012, 9:01:15 AM
to Django users
Using Firefox and Firebug I found that CSRF validation failed.
My server is running on apache2-2.2.22 and there are two proxies.
All template files and forms include the csrf_token tag.

Nikolas Stevenson-Molnar

Oct 25, 2012, 11:23:31 AM
to django...@googlegroups.com
It looks like you're submitting your request via AJAX and using the
X-CSRFToken header. It's very possible that one of your proxies isn't
forwarding that header correctly. You might try submitting it as an
actual form parameter instead.

_Nik

Stone

Oct 26, 2012, 5:16:25 AM
to Django users
Hi Nik,

I do not understand. How can I submit it as an actual form parameter?
Are there any examples?

Kurtis Mullins

Oct 26, 2012, 9:29:55 AM
to django...@googlegroups.com
Just to give you a hint, you'll need to do 2 things:

1. Use {% csrf_token %} in your view to generate the CSRF Token Form Field
2. Include the value and name from that Form Field in your Javascript Request

#2 is much more a JavaScript issue, not specific to Django, although someone here may help you.

Good luck

Nikolas Stevenson-Molnar

Oct 26, 2012, 12:39:35 PM
to Stone, django...@googlegroups.com
Just include a 'csrftoken' form parameter with your other form data. If you're submitting the entire form, you can use the {% csrf_token %} template tag anywhere inside your <form></form> tags.

_Nik

On 10/26/2012 2:14 AM, Stone wrote:
> This is not understandable to me.
> How can I submit it as a parameter?
>
> On Thursday, October 25, 2012 at 17:24:05 UTC+2, Nikolas Stevenson-Molnar wrote:
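
What the replies above describe, as an added example that is not part of the original thread: the token read from the `csrftoken` cookie is sent in the POST body under `csrfmiddlewaretoken`, the field name that `{% csrf_token %}` renders and that Django's CSRF middleware reads from POST data, so validation no longer depends on the `X-CSRFToken` header reaching the server through the proxies. `buildSaveRequest`, `encodeForm` and the sample cookie string are assumptions made for illustration.

```javascript
// Added example, not code from the thread. Pure functions, so it runs in
// Node without a browser or jQuery; the cookie string below is constructed.

// Same parsing as the getCookie() in the post, but taking the cookie
// string as an argument instead of reading document.cookie.
function getCookie(cookieString, name) {
  for (const part of (cookieString || '').split(';')) {
    const cookie = part.trim();
    if (cookie.startsWith(name + '=')) {
      return decodeURIComponent(cookie.slice(name.length + 1));
    }
  }
  return null;
}

// Build the options object for $.ajax with the token in the POST body.
// 'csrfmiddlewaretoken' is the field name that {% csrf_token %} renders.
function buildSaveRequest(cookieString, fields) {
  const token = getCookie(cookieString, 'csrftoken');
  if (token === null) {
    // Django sets the cookie when a template using {% csrf_token %} is rendered.
    throw new Error('csrftoken cookie missing: load the page with a GET first');
  }
  const data = Object.assign({}, fields, { csrfmiddlewaretoken: token });
  return { type: 'POST', url: '/SSO/configSave/', dataType: 'text', data: data };
}

// URL-encoded body equivalent to what is sent for a plain `data` object.
function encodeForm(data) {
  return Object.keys(data)
    .map((k) => encodeURIComponent(k) + '=' + encodeURIComponent(data[k]))
    .join('&');
}

// Constructed sample input (hypothetical cookie values).
const SAMPLE_COOKIES = 'sessionid=abc123; csrftoken=Zm9vYmFy%2Btoken';
const SAMPLE_REQUEST = buildSaveRequest(SAMPLE_COOKIES, { mip: '192.0.2.10' });

// In the page's click handler this would be used as:
//   $.ajax(buildSaveRequest(document.cookie, { mip: $('#mip').val() }));
```
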