django-ajax icon indicating copy to clipboard operation
django-ajax copied to clipboard

Published 20 hours ago verified publisher icon joestump

403 response + 404 is not ajax ?

Open vincentalvo opened this issue 11 years ago • 3 comments

Hi !

I'm trying to get starting with django-ajax. It looks perfect for what I'd like to do! First problem is that I get 403 forbidden response when I try a post in my JS. Which makes sense if I didn't get the CRSF token... But I expected the app to take care of that. No?

Another point, I get something when I just try to browse to the ajax address from the browser. Shouldn't the app check for is_ajax() request and throw an error if not?

I'm just getting the feeling that I'm doing something wrong. Is it me or have you encountered those problem before?

Thanks for your time! Vince

vincentalvo avatar Aug 18 '13 23:08 vincentalvo

Hey Vince,

If you post some code in a gist, I might be able to comment. The application doesn't integration with Django's CSRF or is_ajax() stuff, but it definitely should. We welcome pull requests. :)

Cheers,

--Joe

Joe Stump @joestump

On Sunday, August 18, 2013 at 4:53 PM, vincentalvo wrote:

Hi ! I'm trying to get starting with django-ajax. It looks perfect for what I'd like to do!
First problem is that I get 403 forbidden response when I try a post in my JS. Which makes sense if I didn't get the CRSF token... But I expected the app to take care of that. No?
Another point, I get something when I just try to browse to the ajax address from the browser. Shouldn't the app check for is_ajax() request and throw an error if not?
I'm just getting the feeling that I'm doing something wrong. Is it me or have you encountered those problem before?
Thanks for your time!
Vince

— Reply to this email directly or view it on GitHub (https://github.com/joestump/django-ajax/issues/43).

joestump avatar Aug 18 '13 23:08 joestump

Thanks for your prompt reply!

Well, I'm starting with ajax to be honest. I've got just no more code that your examples to post here...! Just couldn't get them to work, I think it's bc of the CRSF token. I'm definitely willing to have a go at adding the is_ajax and CSRF stuff if I continue using this app! Any idea how to do this? From what I understand it's a bit of code to add to the js? I think I understand that django-dajaxice does it with a template tag. What about actually using django-dajaxice and add your magic logic to get access the models?

Sorry if I'm asking naive stuff, just trying to make sense to all the ajax / django apps available.

Thanks! Vince

vincentalvo avatar Aug 19 '13 00:08 vincentalvo

I believe you are looking for this. https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ajax

cam-stitt avatar Sep 04 '14 22:09 cam-stitt