tags:

views:

166

answers:

2
Q: 

Why is Django admin login giving me 403 CSRF error?

I am running Django 1.2.2 and I get the following error when I try to log in to the Django admin:

Forbidden (403) CSRF verification failed. Request aborted.

Reason given for failure:

No CSRF or session cookie.

** I have made NO customization to the barebones admin and when I inspect the source there is a CSRF token in the form in what I believe is the correct place.

When I look at the actual request that is being sent there is a csrf token being sent but Django still says CSRF verification failed.

Can anyone point me in the right direction? Why is this happening?

+2  A: 

1) Do you have 'django.middleware.csrf.CsrfViewMiddleware' in your settings.MIDDLEWARE_CLASSES ?

2) Are you sure you've always been on 1.2.2? That only came out last night...

stevejalim  2010-09-09 15:58:48
Yes I have it in my MIDDLEWARE_CLASSES. Actually I think I was running 1.2.1 till this morning when I completely reinstalled it. Good catch.
thomallen  2010-09-09 16:01:33
If I inspect the request in Charles I can see that there is a csrfmiddlewaretoken in the request. So CSRF is working if the token is being generated. But why is it not seeing the token when the form is submitted?
thomallen  2010-09-09 16:14:19
+1  A: 

According to the docs, not only do you need the csrf hidden form field, but also the csrftoken cookie. The error message you provided also suggests a missing cookie.

I would look in your browser's cookies to ensure the csrftoken cookie is present.

slypete  2010-09-09 21:08:07
I finally figured out that I was only getting this error in Firefox. To correct this problem I went into my firefox cookies and deleted all of them for the django site. Once the browser had a new csrf cookie for the site it worked fine. Must have been an out of date cookie or something...
thomallen  2010-09-09 21:28:33

related questions

Programmatically talking to a Serial Port in OS X or Linux
Best ways to teach a beginner to program?
Calling a Function From a String With the Function's Name in Python
An executable Python app
Text Editor For Linux (Besides Vi)?
What Hosting Service is best for Django applications?
File size differences after copying a file to a server vía FTP
Python: what is the difference between (1,2,3) and [1,2,3], and when should I use each?
Python: What OS am I running on?
How do I make a menu in python that does not require the user to press (enter) to make a selection?
How do you express binary literals in Python?
What is the most efficient graph data structure in Python?
Adding a Method to an Existing Object
How to learn Python: Good Example Code?
How do I use Python's itertools.groupby()?
Python and MySQL
Class views in Django
Is there an IDE that provides code completion for Python
Using 'in' to match an attribute of Python objects in an array
cx_Oracle - what is the best way to iterate over a result set?
cx_Oracle - How do I access Oracle from Python?
Continuous Integration System for a Python Codebase
Get a preview jpeg of a pdf on windows?
How can I find the full path to a font from its display name on a Mac?
XML Processing in Python