Hi Amit,
On Sunday, 3 November 2019 07:41:12 UTC+5:30, Amit Agarwal wrote:
-- Here there are two ways:
- Capture the csrf cookies and send it with request as we do it for AJAX request. https://docs.djangoproject.com/en/2.2/ref/csrf/#ajax. Here you will have to figure it out for python.
- If you are doing it for testing purpose and want to bypass csrf (not recommended in testing and production environment), then either:
- Exempt your views by using @csrf_exempt (https://docs.djangoproject.com/en/2.2/ref/csrf/#edge-cases)
- Or remobe the csrf middleware(django.middleware.csrf.CsrfViewMiddleware) all together from settings.py (https://docs.djangoproject.com/en/2.2/ref/csrf/#how-to-use-it)
Ideally you should not bypass csrf as its a good feature given by django even for development purpose. There will be a workover effort for putting it back in production.
Hope this is what you are looking for and it helps.
regards,
Parth
On Sunday, 3 November 2019 07:41:12 UTC+5:30, Amit Agarwal wrote:
Helo everyone,I am making a post request to the server from client.py. I am getting error forbidden csrf cookie not set.What is the correct way to use session?
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/899ba3b7-1355-4dd4-ab3a-20a05b792501%40googlegroups.com.
No comments:
Post a Comment