Vous n'êtes pas identifié(e).
Bonsoir,
J'ai un gros souci avec Internet Explorer 8 :
Forbidden (403)
CSRF verification failed. Request aborted.Help
Reason given for failure:CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:•The view function uses RequestContext for the template, instead of Context.
•In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
•If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.You can customize this page using the CSRF_FAILURE_VIEW setting.
Après renseignement, cela serait un problème récurent sous IE.
Voici le code de mon form :
<form action="{% url search-page %}" method="post">
{% csrf_token %}
{{form.as_p}}
<input type="submit" value="Search" />
</form>
J'y ajoute pourtant bien le token...
Avez-vous déjà rencontré ce problème ? si oui, l'avez-vous résolu ?
Merci d'avance.
Hors ligne
As-tu vérifié l'activation des cookies (onglet "niveau de sécurité"...)
Salut,
Merci pour ta réponse.
IE8 => outils/confidentialité/Avancé : La case à cocher "Ignorer la gestion automatique des cookies" est décochée.
J'ai du neuf, avec FF, j'ai le même souci mais pas avec la même page.
Avec FF et Google Chrome, j'arrive à m'identifier sur le site, mais lorsque je clic sur un submit (bouton) dont l'action est ce template :
{# page to make query #}
{% comment %}
Arguments:
tables : python list with name of tables
table_variable [optional]: python list with 2-tuple : (table name, python list with variables names)
table_form [optional]: python list with 2-tuple : (table name, django.forms)
Example:
tables = ['Patient', 'Tumor', ...]
table_variable = [('Patient',['nom','prenom']), ...]
table_form = [('Patient', DynForm()), ...]
{% endcomment %}
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
"http://www.w3.org/TR/html4/loose.dtd">
<html>
<head>
<title>Bienvenu sur la page Query!</title>
<link type="text/css" href="{{MEDIA_URL}}jquery/css/ui-lightness/jquery-ui-1.8.5.custom.css" rel="stylesheet" />
<script type="text/javascript" src="{{MEDIA_URL}}jquery/js/jquery-1.4.2.min.js"></script>
<script type="text/javascript" src="{{MEDIA_URL}}jquery/js/jquery-ui-1.8.5.custom.min.js"></script>
</head>
<body>
{# accordion for the choice of tables #}
<div class="accordion">
<h3><a href="#">Choix des tables</a></h3>
<div>
<form action="/neuro/query/table/" method="post">
{% for table in tables %}
<input type="checkbox" name="table" value="{{ table }}" />{{ table }}<br />
{% endfor %}
<input name="submit" id="submit" type="submit" value="submit" />
</form>
</div>
</div>
<form action="/neuro/query/query/" method="post" onsubmit="">
{# accordion for the choice of data #}
<div class="accordion">
<h3><a href="#">Choix des donnees</a></h3>
<div>
{% if table_variable %}
<div class="accordion">
<h3><a href="#">Choix des variables</a></h3>
<div>
<div class="accordion">
{% for title, var in table_variable %}
<h3><a href="#">{{ title }}</a></h3>
<div>
{% for el in var %}
<input type="checkbox" name="var {{ title }}" value="{{ el.name }}" />{{ el.name }}<br />
{% endfor %}
</div>
{% endfor %}
</div>
</div>
</div>
{% endif %}
</div>
</div>
{# accordion for the choice of conditions #}
<div class="accordion">
<h3><a href="#">Choix condition</a></h3>
<div>
{% if table_form %}
<div class="accordion">
{% for title, form in table_form %}
<h3><a href="#">{{ title }}</a></h3>
<div>
{{ form.as_p }}
</div>
{% endfor %}
</div>
{% endif %}
</div>
</div>
<input type="submit" value="submit" />
</form>
<script>
$(function() {
$( ".accordion" ).accordion({
collapsible: true,
autoHeight : false
});
$( "input:submit").button();
});
</script>
</body>
</html>
J'ai alors le message :
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:
The view function uses RequestContext for the template, instead of Context.
In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.
Merci d'avance pour l'aide.
Hors ligne