Solved: Forbidden (CSRF cookie not set.)

When you have developed Django Views using function, and now tried to do http POST then you may sometimes see an error as below,

Forbidden (403)

CSRF verification failed. Request aborted.

You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.

If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for “same-origin” requests.

Solution1 :

Open your views.py file and add “@csrf_exempt” above the functions..

For example : in our case for our API http://127.0.0.1:8000/users/, when we did http POST, we were getting error as,


Subscribe with Valid Email Id to receive updates in Inbox. ( Secured by Google FeedBurner )

   


So, we opened our views.py file, helloproject/helloapp/views.py and added “@csrf_exempt” , just above api function “users” as,

from django.views.decorators.csrf import csrf_exempt

@csrf_exempt
def users(request):

Now, when you run the server again and do http POST, you will not see the error..

Solution 2 :

While we were trying to do “DELETE” on class based views implementation, our first solution to didn’t worked. So as an workaround to get it working without proper implementation of CSRF Cookies, we can just disable “django.middleware.csrf.CsrfViewMiddleware” from MIDDLEWARE in settings.py

MIDDLEWARE = [
#    'django.middleware.csrf.CsrfViewMiddleware',
]

lynxbee_ezoic

Leave a Comment

Android Android Build system Android Commands Android Java Applications Application Libraries Application Stack / User Interface Bash / Shell Scripts Bluetooth driver Cloud Technologies Commands and Packages Compilation Content Management System Core Kernel C Programs Development & Build Development, Debugging and Performance Tools Development Environment Setup Django & REST Api Errors & Failures Git Hardware Platforms HTML JAVA Programs Linux, OS Concepts and Networking Linux Device Drivers Linux Host, Ubuntu, SysAdmin Linux Kernel Linux Networking Middleware Libraries, HAL Multimedia Audio, Video, Images NDK / Middleware / HAL OS Concepts PHP Programming Languages Scripting and Automation Search Engine Optimisation ( SEO ) Social Media Source Code Management ( SCM ) System Administration, Security Testing and Debugging Uncategorized Web design and development Website Hosting Wordpress Yocto / Bitbake / Openembedded