I’ve seen instances where people are getting forbidden errors while attempting to make remote Ajax requests, but I’m making a local request and I also have CSRF turned on in my middleware.
errorThrown is returning “Forbidden”
I think the issue might be that I’m trying to send this to a normal view (the current page)… I’m not sure if my preprocessor is returning to the view to re-render the page.. or if it’s returning right back to my current page. (don’t think I explained that very well)
Hopefully this gives you a good enough picture of what's going on. Any/all help is appreciated.
The .ajax:

    jQuery.ajax({
        type: "POST",
        dataType: "json",
        data: dataString,
        success: function(json) {
            jQuery(".signup").attr('disabled', false);
            $('.success').show();
            console.log(json.message);
        },
        error: function(jqXHR, textStatus, errorThrown) {
            jQuery(".signup").attr('disabled', false);
            $('.fail').show().append(errorThrown);
            console.log(textStatus);
        }
    });

You need a CSRF token even if the request is to the same domain. There’s code here to add a CSRF token to your AJAX requests (with jQuery):
https://docs.djangoproject.com/en/1.7/ref/contrib/csrf/#ajax
This link points to version 1.7; if you are using a different version of Django, you can select your version from the floater menu on the bottom right.