request.is_ajax() not working

[psychok7]

hi there i am trying a simple example using AJAX, DJANGO, JQUERY, JSON and my if request.is_ajax() is not working for some reason.. here is my code:

URLS: (r'api/newdoc/$', 'rose_miracle.views.newdoc'),

VIEW:

def newdoc(request):

    # only process POST request

    print "entrei"

    if request.is_ajax():

        print "entrei2"                         _#this is not working

        data= dict(request.POST)

        print data

                # save data to db

        return HttpResponse(simplejson.dumps([True]))

        

    return HttpResponse(simplejson.dumps([False]))

js:

$(document).ready(function(){

    

   

alert("ya");

$.post("api/newdoc/", function(data) {

        alert(data);

    });

}

i added this in a file as well, dont know how it works though https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ajax

the print in my request.is_ajax()  is now working, what im i doing wrong??

[Amao Zhao]

dear psychok7:

    You have no data from your ajax post, you should post some data with your ajax post, like this 

$.post("api/newdoc/", {'user':'your username'}, function(data) {

        alert(data);

    });

}

在 2012年4月23日星期一，psychok7 写道：

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To view this discussion on the web visit https://groups.google.com/d/msg/django-users/-/J9sGcOB5wBwJ.
To post to this group, send email to django...@googlegroups.com.
To unsubscribe from this group, send email to django-users...@googlegroups.com.
For more options, visit this group at http://groups.google.com/group/django-users?hl=en.

[psychok7]

yes i did that now, and still doesnt work.. it still returns false and doesnt print the line after request.is_ajax()

To unsubscribe from this group, send email to django-users+unsubscribe@googlegroups.com.

[Masklinn]

On 2012-04-23, at 13:48 , psychok7 wrote:

> yes i did that now, and still doesnt work.. it still returns false and
> doesnt print the line after request.is_ajax()
>

I can't reproduce the issue with a trivial repro case (see attached module),
so with the little information you've provided the only thing my psychic
debugger yield was "are you using Firefox" as it has a long-standing bug
of not conserving headers on redirections[0][1], but that would make the entire
CSRF fail. *Unless* it redirects to a GET request, since you're not checking
whether the method is GET or POST (which you really should, incidentally)
this would bypass the CSRF check (even though it'd lose the header), and would
lose the X-Requested-By header (set by jquery) which Django uses to know
whether a request "is ajax" or not.

So I'd recommend looking into that, and taking a long look at you javascript
console's Network tab to see what kind of calls are being sent by the browser
to django.

[0] https://bugzilla.mozilla.org/show_bug.cgi?id=553888
[1] On the other hand, it should be fixed in Firefox 7 and above, so you'd
have to use Firefox *and* use an outdated version of it.

[psychok7]

i am using Chrome.

to be honest i dont really understand everything you are talking about, so ill just try to run your code and see if i can get results 
on the other hand if i use GET instead of POST i dont have to worry about CSRF right?

i am not sure you understood my question though, i am getting a HTTPRESPONSE, just not the one inside request.is_ajax()

i have read too much documentation on the net (old and new) so i guess thats why  i am confused now and just need something that works and only after that i will try to understand why does it work

[Masklinn]

On 2012-04-23, at 14:44 , psychok7 wrote:

> i am using Chrome.
>
> to be honest i dont really understand everything you are talking about, so
> ill just try to run your code and see if i can get results
> on the other hand if i use GET instead of POST i dont have to worry about CSRF
> right?

Right. You get to worry about a fundamentally broken site instead.

> i am not sure you understood my question though, i am getting a
> HTTPRESPONSE, just not the one inside request.is_ajax()

Yes, I understand that. Which means either your CSRF works or you're in
a GET (no CSRF check), either way you're without the custom headers.

> i have read too much documentation on the net (old and new) so i guess
> thats why i am confused now and just need something that works and only
> after that i will try to understand why does it work

I usually find that throwing shit at the wall until something sticks does
not yield better code or understanding than building from the basics,
starting from small things if needs be, but that's your call.