0

I'm trying to do a ajax file upload using django. I am trying to make this example work

http://www.johnberns.com/2010/07/08/using-valums-jquery-ajax-upload-with-django-1-2/

But strangely I keep getting "None" for my csrf token and even more strange is that I am doing the POST call sending the file but all I get on the server is just the following dict:

{u'csrfmiddlewaretoken': [u'None']}

What am I doing wrong?

Improve this question

1 Answer 1

Reset to default
2

The whole premise of that linked article is wrong. You don't need to worry about the CSRF token - CSRF protection is automatically disabled for Ajax uploads, since there is no way of making it work reliably. See the documentation.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

I think this is no longer the case with Django's 1.2.5 security release (all requests, regardless if Ajax, require csrf): djangoproject.com/weblog/2011/feb/08/security
@dolan: that's true. The original article is still wrong though.

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.