Hi, im currently on: - Django version 1.3 rc 1 - uWSGI 0.9.6.8 - Python 2.6.5 - jQuery 1.5.1
This is my configuration from my production server, where i have an application that does simple operations on data, the general case is to have a form and send data over POST. Everything works fine until i try to make an AJAX call to a single view that pulls me some data from DB, when i access my view from a non-ajax way it returns me the data, but when i try to get it via ajax the uWSGI process hangs until it been killed. I use this snippet (from http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#ajax) : $('html').ajaxSend(function(event, xhr, settings) { function getCookie(name) { var cookieValue = null; if (document.cookie && document.cookie != '') { var cookies = document.cookie.split(';'); for (var i = 0; i < cookies.length; i++) { var cookie = jQuery.trim(cookies[i]); // Does this cookie string begin with the name we want? if (cookie.substring(0, name.length + 1) == (name + '=')) { cookieValue = decodeURIComponent(cookie.substring(name.length + 1)); break; } } } return cookieValue; } if (!(/^http:.*/.test(settings.url) || / ^https:.*/.test(settings.url))) { // Only send the token to relative URLs i.e. locally. xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken')); } }); Local works great, but in production it fails, first i discover this snippet won't work on jQuery 1.5, it only works on jQuery 1.5.1, seems good for me to put that in the docs, to avoid people dont waste time as me. It works fine in my production server using this snippet: $('html').ajaxSend(function (event, xhr, settings) { function getCookie(name) { var cookieValue = null; if (document.cookie && document.cookie !== '') { var cookies = document.cookie.split(';'); for (var i = 0; i < cookies.length; i++) { var cookie = $.trim(cookies[i]); // Does this cookie string begin with the name we want? if (cookie.substring(0, name.length + 1) === (name + '=')) { cookieValue = decodeURIComponent(cookie.substring(name.length + 1)); break; } } } return cookieValue; } if (!(/^http:.*/.test(settings.url) || / ^https:.*/.test(settings.url))) { // Only send the token to relative URLs i.e. locally. //xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken')); if (settings.data === null) { settings.data = ''; } settings.data = settings.data + '&csrfmiddlewaretoken=' + getCookie('csrftoken'); } }); For me seems like a problem when django reads the request header or something, i would like to share this, and see if we can find any solution, because for me using the header is more cleaner than sending the csrf value on the data. What you guys think? -- You received this message because you are subscribed to the Google Groups "Django developers" group. To post to this group, send email to django-developers@googlegroups.com. To unsubscribe from this group, send email to django-developers+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/django-developers?hl=en.
