I was getting this 403 error today while attempting to make a POST request to a view:
403 Forbidden
CSRF verification failed. Request aborted.
Help Reason given for failure:
CSRF cookie not set.
Edit 10/29/2010 I’ve modified this post to only contain the proper way of resolving the issue. You can read about Cross Site Request Forgeries here and Django’s protection mechanisms here
To resolve the 403 issue, you want to add the csrf_token template tag within your form somewhere. This adds a hidden div with the value of the input as the csrf token:
anything.html| 1 2 3 4 |
If you’d like to not protect against CSRF with Django’s built in mechanisms, use the csrf_exempt decorator:
views.py| 1 2 3 4 5 | from django.views.decorators.csrf import csrf_exempt ... @csrf_exempt def my_func(request): ... |