ajax post failing with 403 #11

Closed
jbranc opened this Issue Sep 12, 2012 · 1 comment

Projects

None yet

2 participants

@jbranc
jbranc commented Sep 12, 2012

Not sure this is the ultimate solution, but the ajax call made by the a.click is failing with a 403. The solution (workaround?) is to add a csrf_exempt decorator around the views.like_toggle() function
@login_required
@require_POST
@csrf_exempt
def like_toggle(request, content_type_id, object_id):

i believe this is something required for django 1.2 and above

@paltman
Member
paltman commented Sep 14, 2012

This is likely because I am running everything with pinax starter projects which includes a js csrf fix by default so I missed this. I'd rather just mention or ship with a js include that provides this rather than exempt the csrf.

@paltman paltman added a commit that closed this issue Jan 2, 2013
@paltman paltman Add note on ajax
Fixes #11
2e4df4c
@paltman paltman closed this in 2e4df4c Jan 2, 2013
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment