Welcome to the Django-jQuery-File-Uploader-Integration-demo wiki! This demo implementation shows basic integration of jQuery Uploader with Django with CSRF protection enabled.
Starting with Django 1.2.5 (release notes), all requests to the server have to be CSRF (Cross-site request forgery) validated unless otherwise specified in the view (that can be done by either applying
@csrf_exempt view decorator or disabling the CSRF altogether). And the only way to do that is by either sending a cookie with the CSRF token value, sending token value in the POST data, or by adding a special X-CSRFTOKEN header with the value of the token. When it comes to uploaders, even though some of them are excellent solutions such as very popular Uplodify, many of the them use Flash SWFObject to actually send data to the server. This usually works fine, until CSRF protection is introduced into the equation. The reason is because Flash cannot apply special headers to the requests, therefore failing Django's new CSRF protection.