Django 1.2 CSRF verification failed
17/02/2010Are you updating an old Django project to use Django 1.2, and getting this error message when you try to login to the Django admin page?
403 Forbidden
CSRF verification failed. Request aborted.
HelpReason given for failure:
CSRF cookie not set.
Then you need to add ‘django.middleware.csrf.CsrfViewMiddleware’, and ‘django.middleware.csrf.CsrfResponseMiddleware’ your settings.py file. Mine looks like this:
MIDDLEWARE_CLASSES = (
‘django.middleware.common.CommonMiddleware’,
‘django.contrib.sessions.middleware.SessionMiddleware’,
‘django.contrib.auth.middleware.AuthenticationMiddleware’,
‘django.middleware.csrf.CsrfViewMiddleware’,
‘django.middleware.csrf.CsrfResponseMiddleware’,
)
Thanks to the Django docs http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#how-to-use-it
There are 26 comments in this article: