CSRF token missing on models with a file/imagefield
117 views
Skip to first unread message
Yorben Verhoest
Dec 20, 2021, 9:13:23 AM12/20/21
to Django users
I have a project which is set up on AWS using lambda, s3, ...
Because it is still in production we are using DjangoAdmin to manage the data in it.
All of my models work fine when I try to save them except the ones that have a filefield or imagefield in them. When I save those, I get a 403 - CSRF token missing error.
All of my models work fine when I try to save them except the ones that have a filefield or imagefield in them. When I save those, I get a 403 - CSRF token missing error.
The weird thing is, working on localhost, It works perfectly, it even saves the files correctly into the s3 bucket. but once deployed on AWS Lambda, it throws me this error.
Anybody else had this problem? I've been searching for answers this whole past week..
Thanks in advance
Phoebe Bright
Dec 20, 2021, 1:50:28 PM12/20/21
to Django users
So you are adding these images using the standard DjangoAdmin interface?
Yorben Verhoest
Dec 21, 2021, 1:59:31 AM12/21/21
to Django users
Yes, I'm just using the DjangAdmin interface
It works perfectly for models without any filefield / imagefield
First I thought that the connection between the app and the s3 bucket was wrong, but when I test i through the shell, it works.
Yorben Verhoest
Dec 28, 2021, 2:26:04 AM12/28/21
to Django users
So, turn out that the problem occurs because for some reason my request.POST data is empty.
I found out because I wrote a custom CSRFfailureview where I print out my request data.
The reason I get a csrf is missing error is because that token is also stored in there.
Now I'm trying to figure out why my POST data is empty only on models where an filefield or imagefield is defined...
Sebastian Jung
Dec 28, 2021, 3:35:42 AM12/28/21
to django...@googlegroups.com
Hello,
try
<form method="POST" action="" enctype='multipart/form-data' >
in your html template- I think this works...
Regards
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/82bf1502-42d9-44ae-a6c8-a8a594d52b10n%40googlegroups.com.
Yorben Verhoest
Dec 28, 2021, 5:08:07 AM12/28/21
to Django users
Hello
Thanks for the answer, but like I said, I'm working with DjangoAdmin and not a custom form.
So DjangoAdmin already does this.
Also when I inspect the source code in DjangoAdmin it does have the "multipart/form-date" in my form tag.
Regards
Reply all
Reply to author
Forward
0 new messages