django ajax post 403 forbidden
you can actually pass this along with your data {csrfmiddlewaretoken:'{{csrf_token}}' } , it works all the time
In my case I have a template in which I don't want to have a <form></form>
element. But I still want to make AJAX POST requests using jQuery.
I got 403 errors, due to CSRF cookie being null, even if I followed the django docs (https://docs.djangoproject.com/en/1.5/ref/contrib/csrf/). The solution is in the same page, mentioning the ensure_csrf_cookie
decorator.
My CSRF cookie did get set when I added this at the top of my views.py
:
from django.views.decorators.csrf import ensure_csrf_cookie@ensure_csrf_cookie
Also, please note that in this case you do not need the DOM element in your markup / template: {% csrf_token %}
got it working by adding {% csrf_token %}
somewhere within the form in my template