I have a site where users can log in from a perl front end and then are redirected to a django site. The site is on the same domain, maybe a different subdomain but the same domain nevertheless. Unfortunately, we're getting hit w/ "CSRF token missing or incorrect." errors. How can I f开发者_开发问答ix this?
Thanks
Are you passing the CSRF token back to django?
Check out the CSRF docs
http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#exceptions
There is lots of good info there.
For example, note about subdomains:
Subdomains By default, CSRF cookies are specific to the subdomain they are set for. This means that a form served from one subdomain (e.g. server1.example.com) will not be able to have a target on another subdomain (e.g. server2.example.com). This restriction can be removed by setting CSRF_COOKIE_DOMAIN to be something like ".example.com".
You could also disable CSRF protection for whatever view is throwing that error (in link above) via the @csrf_exempt
decorator.
精彩评论