Django 1.2 CSRF verification failed

17/02/2010

Are you updating an old Django  project to use Django 1.2, and getting this error message when you try to login to the Django admin page?

403 Forbidden

CSRF verification failed. Request aborted.
Help

Reason given for failure:

CSRF cookie not set.

Then you need to add  ‘django.middleware.csrf.CsrfViewMiddleware’, and  ‘django.middleware.csrf.CsrfResponseMiddleware’ your settings.py file. Mine looks like this:

MIDDLEWARE_CLASSES = (
‘django.middleware.common.CommonMiddleware’,
‘django.contrib.sessions.middleware.SessionMiddleware’,
‘django.contrib.auth.middleware.AuthenticationMiddleware’,
‘django.middleware.csrf.CsrfViewMiddleware’,
‘django.middleware.csrf.CsrfResponseMiddleware’,
)

Thanks to the Django docs http://docs.djangoproject.com/en/dev/ref/contrib/csrf/#how-to-use-it


Warning: count(): Parameter must be an array or an object that implements Countable in /home/public/blog/wp-includes/class-wp-comment-query.php on line 399

There are 26 comments in this article:

  1. 28/05/2010Derek say:

    I think you need to change the ‘ quotes to normal ‘ ones, for this code to be copy-and-pasteable.

    Thanks!

  2. 28/05/2010Derek say:

    I see your blog software mangles the quotes even in these comments :(

  3. 3/06/2010adamnfish say:

    Very helpful, thanks a lot. Google to the rescue, as ever :)

  4. 24/08/2010shrenik say:

    Thanks a lot !!

    It works for me.

  5. 14/09/2010David Allwhole say:

    Very helpful indeed…
    Many thanks! :)

  6. 22/09/2010Steven Elliott say:

    Thanks for this! This is exactly what I was looking for!

  7. 1/10/2010sahir say:

    for beginner really formula for pain relief.

  8. 27/01/2011kjh say:

    Thank you very much!!!

  9. 24/03/2011qtejqp say:

    Thanks!

  10. 31/03/2011Billy say:

    Really helpful to me too, 😀
    thanks !

  11. 13/04/2011kman say:

    Cheers, just what I needed!

  12. 20/05/2011mike say:

    thanks mate!

  13. 18/06/2011Ely say:

    thank you, very helpful to me.

  14. 23/06/2011tromf say:

    its deprecated

    http://docs.nullpobug.com/django/trunk/django.middleware.csrf.CsrfResponseMiddleware-class.html

  15. 28/06/2011fonso say:

    Thank you!

  16. 4/07/2011afgoulart say:

    Thank you! For help me!

  17. 30/07/2011SixDegrees say:

    Thanks. Works perfectly.

    “you need to add ‘django.middleware.csrf.CsrfViewMiddleware’, and ‘django.middleware.csrf.CsrfResponseMiddleware’ your settings.py file.”

    I guess that’s why the Django automatic project creation code only puts the ‘View’ middleware in the settings file.

  18. 3/08/2011Brian say:

    Thanks

  19. 10/11/2011Rodrigo say:

    Cheers mate!

  20. 7/12/2011MacBook Airにdjango開発環境を整えた « ボーダーレスライフ say:

    […] http://josh.gourneau.com/blog/2010/02/17/django-12-csrf-verification-failed/ […]

  21. 31/12/2011xwb1989 say:

    thx a lot!

  22. 15/01/2012Simple Dimple say:

    Very helpful

  23. 5/04/2012Sumit say:

    After removing comment django.middleware.csrf.CsrfResponseMiddleware i got
    “A server error occurred. Please contact the administrator.” on all pages … it is giving me more trouble. Any help will be appreciated

  24. 5/04/2012josh say:

    Enable Django debugging to get a more verbose error message.

  25. 15/01/2013Robert say:

    Thanks! Very helpful!

  26. 21/01/2013YoRolling say:

    It works well with Django 1.2,but not Django 1.4. I fix the error follow the Django documents,but it still does not work well,do you have any idea?thank you so much.

Write a comment: