MozSecureWorld FAQ
From MozillaWiki
Contents
MozSecureWorld FAQ/Notes
Browser Cookie error
"Your Web browser doesn't appear to have cookies enabled." See solution here.
CSRF error
Django's fix to CSRF can be found in the tutorial. Where you put in
template.html:
{% csrf_token %}
views.py:
from django.shortcuts import render_to_response from django.template import RequestContext def ... return render_to_response('template.html', {'var_name': var_value}, context_instance=RequestContext(request))
But in the demo's setup with jingo and other stuff: template.html:
{{ csrf() }}
views.py:
import jingo return jingo.render(request, 'template.html', {"var_name": var_value})
AJAX CSRF 403 error
You have to send the csrf token along in ajax. You can get the csrf token value as:
var csrfvalue = $('input[name=csrfmiddlewaretoken]').val(); var sendData = {csrfmiddlewaretoken: csrfvalue, yourName: yourValue};
HTML is not rendered
Solution: Use Django |safe
Problem: After using bleach, the safe tags show up "<b>should be bolded</b>" instead of being rendered as should be bolded, you have to add a "|safe" to the template.html:
{{richtext.comment|safe}}