0

How can I debug why I get the "The CSRF token is invalid" error in all my browsers, but when I test the same form with a functional test it works?

4 Answers

2

If you customized the way the form renders its inputs, check if you added {{ form_rest(form) }} like in the next example.

Example

<form action="{{ path('BloggerBlogBundle_contact') }}" method="post" {{ form_enctype(form) }}>
    {{ form_errors(form) }}

    {{ form_row(form.name) }}
    {{ form_row(form.email) }}
    {{ form_row(form.subject) }}
    {{ form_row(form.body) }}

    {{ form_rest(form) }}

    <input type="submit" value="Submit" />
</form>

1 Comment

I have only {{ form_widget(form) }} in the template. The token is visible in the HTML source.
2

When I commented out part of my config.yml as below, everything started working. So the new question is: what is wrong with the commented part of this configuration?

session:
    auto_start:     true
    # cookie_lifetime:   86400
    # cookie_path:       \
    # cookie_domain:     example.com
    # cookie_secure:     true
    # cookie_httponly:   true

2

For me, disabling the secure cookie resolved this problem after upgrading from Symfony 2.0.16 to 2.1.6:

session:
    cookie_lifetime:   3600
    cookie_path:       \
    cookie_domain:     .%base_domain%
    cookie_secure:     false
    cookie_httponly:   true
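
The two session answers above turn on whether the browser returns the session cookie that the CSRF token is tied to. As an added example (not code from any answer or from Symfony), this Python script applies the RFC 6265 domain, path and Secure rules to a `session:` block; the URLs, the `why_withheld` helper and treating a missing `cookie_path` as `/` are assumptions.

```python
from urllib.parse import urlsplit

def default_path(request_path):
    # RFC 6265 5.1.4: directory of the request path, "/" at the top level.
    if not request_path.startswith("/") or request_path.count("/") == 1:
        return "/"
    return request_path[:request_path.rfind("/")]

def path_matches(request_path, cookie_path):
    if request_path == cookie_path:
        return True
    return request_path.startswith(cookie_path) and (
        cookie_path.endswith("/") or request_path[len(cookie_path)] == "/")

def domain_matches(host, cookie_domain):
    domain = cookie_domain.lstrip(".").lower()  # a leading dot is ignored
    return host.lower() == domain or host.lower().endswith("." + domain)

def why_withheld(page_url, post_url, session):
    """Reasons a browser would not return the session cookie set while
    rendering page_url when the form posts to post_url ([] = returned)."""
    page, post = urlsplit(page_url), urlsplit(post_url)
    domain = session.get("cookie_domain")
    if domain and not domain_matches(page.hostname, domain):
        return ["cookie_domain does not cover %s: cookie is rejected" % page.hostname]
    covered = (domain_matches(post.hostname, domain) if domain
               else post.hostname == page.hostname)  # host-only cookie
    reasons = [] if covered else ["cookie domain does not cover %s" % post.hostname]
    path = session.get("cookie_path", "/")  # assumption: PHP's default "/"
    if not path.startswith("/"):            # e.g. "\": invalid, browser ignores it
        path = default_path(page.path)
    if not path_matches(post.path or "/", path):
        reasons.append("cookie path %s does not match %s" % (path, post.path))
    if session.get("cookie_secure") and post.scheme != "https":
        reasons.append("cookie_secure is true but the request is plain http")
    return reasons

# Constructed sample values: the settings commented out in the second answer.
STRICT = {"cookie_path": "\\", "cookie_domain": "example.com", "cookie_secure": True}
RELAXED = dict(STRICT, cookie_secure=False)

if __name__ == "__main__":
    for url in ("http://www.example.com/contact",
                "https://www.example.com/contact",
                "http://localhost/app_dev.php/contact"):
        print(url, why_withheld(url, url, STRICT) or "cookie returned")
```

An empty list means the cookie comes back with the POST, so the token stored in the session can be compared; any listed reason means the form is validated against a fresh session.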

-5

You can use the @csrf_exempt decorator to exempt the CSRF token. For this you have to import

from django.views.decorators.csrf import csrf_exempt

Then write @csrf_exempt before your view.

This will work properly :)

1 Comment

This question is about Symfony2 and not Python or Django.
