Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Default CSRF validation with django #20

Closed
tiagob opened this issue Jan 11, 2013 · 5 comments
Closed

Default CSRF validation with django #20

tiagob opened this issue Jan 11, 2013 · 5 comments
Labels
bug

Comments

@tiagob
Copy link

tiagob commented Jan 11, 2013

In heavy_data.js your overriding the cookie which is used for CSRF in django forms.

Form submission fails with:
Forbidden (403)
CSRF verification failed. Request aborted.

Reason given for failure:
CSRF cookie not set.
@applegrew
Copy link
Owner

Can you please provide more details? I did not see this problem before.

@tiagob
Copy link
Author

tiagob commented Jan 11, 2013

I have 188 selected values. I'm using google chrome. It seems that my document.cookie can only take 75 of them before it starts replacing the ones it just set and the csrf token too in setCookie in heavy_data.js.

@tiagob
Copy link
Author

tiagob commented Jan 11, 2013

I got it working by replacing the cookie code in heavy_data.js with https://github.com/marcuswestin/store.js

@applegrew
Copy link
Owner

Oops. Good catch! Yes there is usually a max limit of 4KB limit on cookies. In your case you are hitting that at 75 elements. I will incorporate your suggestion in heavy_data.js.

@applegrew
Copy link
Owner

Please update to latest version. Noe django_select2 does not use cookies or localStorage at all.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@applegrew @tiagob