Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

django-ajax-uploader how to send csrf_token with fine-uploader 3.5.0

I am implementing django-ajax-uploader in a project, but I want to use latest version of fineuploader that is currently under 3.5.0, supposedly, as documentation says the only thing I should do to send csrf_token is putting it inside customHeaders dictionary:

If you want to use the latest version of Fine Uploader, as valum's file-uploader is now called, instead of the one bundled with django-ajax-uploader, you can do so by replacing the params arguments in the above template with the following customHeaders:

customHeaders: { 'X-CSRFToken': '{{ csrf_token }}', },

Here is my full code:

...    
        <h1>qq-file-uploader</h1>
        <div id="upload-button" class="btn btn-primary"><i class="icon icon-cloud-upload icon-white"></i> Selecciona un archivo</div>
        <div id="file-upload"></div>
    </form>
{% endblock %}

{% block styles %}
    <link rel="stylesheet" type="text/css" href="{{ STATIC_URL }}js/libs/jquery.fineuploader-3.5.0/fineuploader-3.5.0.css"/>
{% endblock %}

{% block javascript %}
    <script type="text/javascript" src="{{ STATIC_URL }}js/libs/jquery.fineuploader-3.5.0/jquery.fineuploader-3.5.0.min.js"></script>
    <script type="text/javascript">
        $(function(){
            $('div#file-upload').fineUploader({
                customHeaders: {
                    'X-CSRFToken': '{{ csrf_token }}'
                },
                request: {
                    endpoint: '{% url 'documents:qq_file_uploader' %}'
                },
                button: $('div#upload-button'),
                multiple: false,
            });
        });
    </script>
{% endblock %}

In my views.py I have: qq_file_uploader = AjaxFileUploader()

And everytime I try to upload any file within the view a I got a 403 error: CSRF verification failed. Request aborted.

like image 788
Cristian Rojas Avatar asked May 02 '13 14:05

Cristian Rojas


1 Answers

use the request.params to set the token and sent it via POST.

...
request: {
    endpoint: '{% url 'documents:qq_file_uploader' %}',
    params: {
        'csrfmiddlewaretoken': '{{ csrf_token }}'
    }
},
...
like image 165
panchicore Avatar answered Sep 30 '22 16:09

panchicore