Django+ajax (jquery): http error code 403 (forbidden) [closed] - ajax

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 11 years ago.
I was developing a simple ajax call ($.ajax function with type, url and data as options parameters) with jquery in a page, but i got 403 error.
So i have added to $.ajax function a further options parameter for csrf, and the corresponding token is correcly displayed in the template.
But i got 403 error again.
I also have tried to add to view handler (in views.py) a csrf decorator, like #csrf_protect or #requires_csrf_token but nothing is changed.
Some help?
I have seen this pattern to make an ajax call in django https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#s-ajax
but it is really too much code for me to make a simple ajax call, so i find a short solution

If you don't want to use the CSRF protection for that view, the decorator you want is #csrf_exempt--those other will just ensure that the CSRF protection is applied. That's probably the simplest solution, especially if the call isn't particularly security-sensitive.
Alternatively, make sure you're following the method mentioned in the docs here: https://docs.djangoproject.com/en/dev/ref/contrib/csrf/#page-uses-ajax-without-any-html-form

Related

Cannot login with auth.basic in L4 [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 9 years ago.
I installed 2 versions of Laravel. The one installed in localhost (Windows - Wampserver) is to test function auth.basic & login normally. But the other installed in server Centos is unable to login, I tried again & again but haven't found the causes yet :(
Anybody know how to check & solve this situation? Tks.
In your code in http://paste.laravel.com/qBt , you are using 2 routes with same destination /. Should be one:
Route::get('/', array('before'=>'auth.basic', function()
{
return View::make('hello');
}));
For test user creation use another route, /user or so and hit it once using your browser.

how do you set up CORS with Angular JS [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 9 years ago.
How do I set up Angular to send the correct headers when making Cross Domain Ajax Requests?
What worked for me:
After about a full day of trying to find an answer to configuring my Angular application to work with CORS, I finally came up with a solution that works! Assuming you have set up the server correctly - the only thing you need to do on the client is delete the default header in your app config.
angular.module('myApp').config(['$httpProvider', function($httpProvider) {
delete $httpProvider.defaults.headers.common['X-Requested-With'];
});
The X-Requested-With header identifies the request as an AJAX request - and by default cross domain is not allowed. So all we need to do is remove it from our default settings and BOOM! It works.
For our application we are using a play backend(1.2.5) - The line of code we needed to add to make that work was:
Add headers to allow cross-domain requests. Be careful, a lot of browsers don't support these features and will ignore the headers. Refer to the browsers' documentation to know what versions support them.
Parameters:
allowOrigin a comma separated list of domains allowed to perform the x-domain call, or "" for all.
allowMethods a comma separated list of HTTP methods allowed, or null for all.
allowCredentials Let the browser send the cookies when doing a x-domain request. Only respected by the browser if allowOrigin != ""
Http.Response.current().accessControl("*", "GET,PUT,POST,DELETE,OPTIONS",false);

Has anyone tried the new opengraph beta api with rails? [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 11 years ago.
I'm wondering if anyone's given the new api introduced with rails yet? I began a mock app through facebook and heroku and it actually generates the beginnings of a sinatra based project. Has anyone crossed over to rails by chance?
I'm actually working on an app using the new OpenGraph & Rails. With the koala gem, it's pretty easy for example to post an action on the timeline of an user, you just need to do a
res = api.put_connections(current_user.fbid, "namespace:verb", myobject: "link_to_my_object" )
And you will get the action's id in response if all it's fine.
I did the mock app too, and it works fine for the app (stuffed cookies). I need to understand the javascript a bit more to move it over.

What's Request Class (in Kohana) Common Tasks? [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 11 years ago.
I'm creating PHP framework with MVC architecture and I take ideas from some already finished frameworks like Kohana 3.1. I have seen Request class in lot of other frameworks too. What's it common tasks? Nice explanation would be priceless! ))
It represents the user's HTTP request and launches the appropriate resources in the framework (controller usually). Not a terribly difficult concept.
Request class will look for a matching route and load the appropriate controller to handle the request.

When Ajax should be used and when it should not? [closed]

It's difficult to tell what is being asked here. This question is ambiguous, vague, incomplete, overly broad, or rhetorical and cannot be reasonably answered in its current form. For help clarifying this question so that it can be reopened, visit the help center.
Closed 13 years ago.
I’m planning on using Ajax with my web application, but as I’m novice and don’t have much experience I wonder when ajax should and when should not be used? I plan to code with jQuery/php if it makes any difference.
AJAX is most useful when your application wants to present a data set to its user in many different ways. Sorting and filtering and in general interacting with a data set feels best when there are no delays waiting for a server to redraw the pages and send them over the network. It's also nice for handling display of new data arriving on the server -- the client can just pull the data that is new and merge it into the data set on the client rather than requiring a whole new page draw including all the data you've seen before. This can save quite a bit of bandwidth.
AJAX should not be used when you need to keep your application simple, though technologies like jquery are making the client side easier and easier to get right. But in general I would say that if the information you're delivering is pretty static -- it only needs to be viewed in one or two ways, then an AJAX approach may just be overengineering.
That is not an easy question to answer without more information about your application. I find myself using Ajax to save very complicated pages. For instance I might have a page with a datagrid on it where people can enter multiple records at a time. It is also nice when you want to do partial updates of pages maybe when filtering a list or doing paging. Using ajax usually a lot more work than just posting back to the server so don't go too overboard.
For me, Ajax is useful in interacting with the DB, and for JQuery is for trapping entries of the user without bothering the whole page. So AJAX and JQuery, if mastered, will create a one hell of a website.
For when not to use it see When NOT to use AJAX in web application development?
In terms of when to use it my thoughts are:
When you don't want the user to endure a full refresh of the page when they trigger an action
When a rich UI is important to you.
When you can achieve the same effect without using AJAX using Jquery/JavaScript

Resources