CSRF verification failed. Request aborted.

Cornelio Royer Climent

Jan 24, 2015, 2:51:25 PM
to django...@googlegroups.com

HI. COULD SOMEBODY HELP ME WITH THIS ERROR?

I THINK THAT I SAW EVERYTHING, BUT I DON'T FIND THE ERROR.


<!DOCTYPE html>
<html>
<h1>{{ words.english }}</h1>

{% if error_message %}<p><strong>{{ error_message }}</strong></p>{% endif %}

<form action="{% url 'words:vote' words.id %}" method="post">
{% csrf_token %}
{% for opcion in opciones %}
    {# use the loop variable opcion, not the opciones list, for the value #}
    <input type="radio" name="opciones" id="choice{{ forloop.counter }}" value="{{ opcion.id }}" />
    <label for="choice{{ forloop.counter }}">{{ opcion.d_spanish }}</label><br />
{% endfor %}
<input type="submit" value="Escoja Una Opcion" />
</form>
</html>

Forbidden (403)

CSRF verification failed. Request aborted.

Help

Reason given for failure:

    CSRF token missing or incorrect.
    

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:

  • Your browser is accepting cookies.
  • The view function uses RequestContext for the template, instead of Context.
  • In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
  • If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.

You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.

You can customize this page using the CSRF_FAILURE_VIEW setting.

Larry Martell

Jan 24, 2015, 3:40:34 PM
to django...@googlegroups.com
Do you have django.middleware.csrf.CsrfViewMiddleware in your
middleware classes?

Cornelio Royer Climent

Jan 24, 2015, 3:43:07 PM
to django...@googlegroups.com
Yes I have

MIDDLEWARE_CLASSES = (
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
)

Stephen J. Butler

Jan 24, 2015, 4:06:22 PM
to django...@googlegroups.com
Have you checked the rendered HTML in the browser? Is the CSRF element
present? Is there any JavaScript that could be doing pre-processing on
the form? Did you open up the browser's inspector and verify that the
POST request actually included the CSRF key/value? Is it the correct
value?
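
The check suggested in the reply above (is the CSRF element present in the rendered HTML?) can be automated. The following is an added example, not code from the thread or from Django: it scans rendered HTML for POST forms that lack a non-empty `csrfmiddlewaretoken` input, the hidden field that `{% csrf_token %}` renders. The sample pages and the `/words/1/vote/` URL are constructed for illustration.

```python
from html.parser import HTMLParser

CSRF_FIELD = "csrfmiddlewaretoken"  # hidden input name rendered by {% csrf_token %}


class PostFormAudit(HTMLParser):
    """Collect every POST form and whether it carries a non-empty CSRF token input."""

    def __init__(self):
        super().__init__()
        self.forms = []       # one dict per POST form, in document order
        self._current = None  # the POST form currently being parsed, if any

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            if (a.get("method") or "get").lower() == "post":
                self._current = {"action": a.get("action") or "", "has_token": False}
                self.forms.append(self._current)
            else:
                self._current = None  # GET forms are not CSRF-checked
        elif tag == "input" and self._current is not None:
            # An empty value is as bad as a missing field: the POST will be rejected.
            if a.get("name") == CSRF_FIELD and a.get("value"):
                self._current["has_token"] = True

    def handle_endtag(self, tag):
        if tag == "form":
            self._current = None


def forms_missing_token(html):
    """Return the action URLs of POST forms without a usable CSRF token."""
    audit = PostFormAudit()
    audit.feed(html)
    return [f["action"] for f in audit.forms if not f["has_token"]]


# Constructed sample pages (not captured from the poster's site).
RENDERED_OK = """<form action="/words/1/vote/" method="post">
<input type='hidden' name='csrfmiddlewaretoken' value='CONSTRUCTED-TOKEN-VALUE' />
<input type="radio" name="opciones" value="3" /><input type="submit" />
</form>"""
# The same form when {% csrf_token %} rendered to nothing, e.g. no request context.
RENDERED_EMPTY = """<form action="/words/1/vote/" method="post">
<input type="radio" name="opciones" value="3" /><input type="submit" />
</form>"""

if __name__ == "__main__":
    for label, page in (("ok", RENDERED_OK), ("empty", RENDERED_EMPTY)):
        print(label, forms_missing_token(page))
```

A form reported here points at the rendering side (the view's context or the template); if no form is reported and the POST still fails, compare the submitted token and the CSRF cookie in the browser's inspector.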
