Django: csrf error on non-existent urls

By : Javed Khan

While testing out a API from another django site, I came across a seemingly common error.

403 Forbidden

CSRF verification failed. Request aborted.


Reason given for failure:

    No CSRF or session cookie.

Posting the data to the api endpoint returned 403 Forbidden with the standard csrf failure error page. I cross checked that the view was csrf_exempted and that CsrfViewMiddleware was not enabled. The view had some other unrelated decorators which I guessed could be the cause of the problem. According to this bug, not all decorators play nice with the csrf_exempt decorator. Even with that fixed, there was ...

more info..
© Agiliq, 2009-2012