Django Admin Preview Broken - Forbidden (403) CSRF verification failed. Request aborted.

[sampiecz]

Hello,

I have scoured the documentation and google before coming here but I can't seem to find anything on the topic.
I run into no issues in my development environment. However, on my production machine I get some really odd behavior.
When I go to edit a model that has a MarkdownxField(), my websites navigation starts to appear, and I get a 403 error.
I don't really know how else to describe it. I have no traceback to post.
Any suggestions of how I can start troubleshooting this?

The first two images attached are just to show my admin behaves as normal.
Last two are the strange behavior I am getting.

Thanks a bunch in advance!

[sampiecz]

For whatever reason it's inheriting from my base.html and the css associated with that template.

[sampiecz]

Suggestions anyone? For the time being I just created a template to override the django-markdownx preview -- since the preview isn't showing, my error is gone. However, it would be nice to use the preview if possible.

[Pyvonix]

How do you return your CSRF TOKEN ? Does it return in the POST or store in session ??

[sampiecz]

@TheBuky Here is my current "Solution". I'm not sure what you mean by how do I return my current CSRF TOKEN? Prior to overriding the template, my admin looked like it did in the pictures. Obviously buggy, however when override the template I don't get that issue. Solely because it doesn't even load the preview container.

However, I do want to see the preview, and not have it pulling in my main web app's navigation..

Thanks in advance for the help @TheBuky

<div class="markdownx row">
    <div class="col-md-6">
        <p>testing</p>
        <!-- Django 1.10 and below -->
        {% csrf_token %}
	{{ markdownx_editor }}
        <!-- Django 1.11+ -->
            <!--       {% include 'django/forms/widgets/textarea.html' %} -->
    </div>
    <div class="col-md-6">
        <div class="markdownx-preview"></div>
    </div>
</div>

[qwergram]

@sampiecz did you by any chance achieve a more robust solution?

[sampiecz]

@qwergram I have not yet. Are you encountering something similar?

Right now, I just edited the HTML template and commented out the preview box.

[qwergram]

@sampiecz I encountered exactly what you're seeing on a personal project. Luckily I have enough flexibility to use a different library, specifically markdownify.

[sampiecz]

It's really a shame, I'd prefer to use markdownx because of it's drag and drop image feature too. I'll have to checkout mardownify, thanks for the heads up @qwergram

[adi-]

Please update with recent code. Probably you have session csrf activated in your config.

[qwergram]

@adi- can you explain a little more what you mean? How do I deactivate "session csrf in my config"? In settings.py?

[adi-]

Check this one #111