Revision history [back]

Revision 2

updated 2011-06-10 12:27:52 -0600

Do your templates have {% csrf_token %} inside each <form>? I'd add them right after the <form> opening tag.

The template tag inserts a hidden field with a token to prevent cross site scripting.

edit maybe you have something missing in the settings.py? Sorry, somehow I assumed you've customized the skin and lost the csrf_tokens.

You'd need:

'django.core.context_processors.csrf' in TEMPLATE_CONTEXT_PROCESSORS
CSRF_COOKIE_NAME - some string
CSRF_COOKIE_DOMAIN - your domain name - like 'example.com'

If CSRF_COOKIE_DOMAIN does not match yours, you'll see that error.

Revision 1

13.2k

Evgeny

answered 2011-06-09 12:19:46 -0600

Do your templates have {% csrf_token %} inside each <form>? I'd add them right after the <form> opening tag.

The template tag inserts a hidden field with a token to prevent cross site scripting.

edit maybe you have something missing in the settings.py? Sorry, somehow I assumed you've customized the skin and lost the csrf_tokens.

You'd need:

'django.core.context_processors.csrf' in TEMPLATE_CONTEXT_PROCESSORS

CSRF_COOKIE_NAME - some string

CSRF_COOKIE_DOMAIN - your domain name - like 'example.com'

If CSRF_COOKIE_DOMAIN does not match yours, you'll see that error.