I’m using REST Easy in Firefox to make a POST request to a simple form in Django, but it’s giving me a 403 error “2295 CSRF token missing or incorrect”.
This is my views.py (since I’m using the net behind a proxy):
from django.shortcuts import render
import urllib2
def home(request):
if request.method == 'POST':
post = request.POST
if 'passkey' in post:
if post['passkey'] == '123':
proxy = urllib2.ProxyHandler({'http': 'http://070.13095070:pujakumari123@10.1.1.19:80'})
auth = urllib2.HTTPBasicAuthHandler()
opener = urllib2.build_opener(proxy, auth, urllib2.HTTPHandler)
urllib2.install_opener(opener)
j = urllib2.urlopen(post['url'])
j_obj = json.load(j)
return HttpResponse(j_obj)
else:
return render(request, 'packyourbag/home_page.html')
and my template file:
<html>
<body>
<form id="form" method="post">
{% csrf_token %}
url:<input type="text" name="url"/>
Pass Key:<input type="text" name="passkey"/>
<button type="submit" name="url_post">
Post
</button>
</form>
</body>
</html>
I’m passing a URL and passkey, and I don't know how to pass a CSRF token (I don’t even know if I have to pass this or not).
You can disable the CSRF token requirement by putting @csrf_exempt before your view:
First import the decorator at the top of your views.py:
from django.views.decorators.csrf import csrf_exempt
Then decorate your view like:
@csrf_exempt
def home(request):
Warning: This will make your view vulnerable to cross site request forgery attacks. See https://docs.djangoproject.com/en/dev/ref/csrf/ for details.