Opened 4 years ago

Closed 4 years ago

#15925 closed Bug (duplicate)

CSRF AJAX section unclear

Reported by: morgan.harris@… Owned by: nobody
Component: Documentation Version: 1.3
Severity: Normal Keywords:
Cc: Triage Stage: Accepted
Has patch: no Needs documentation: no
Needs tests: no Patch needs improvement: no
Easy pickings: yes UI/UX:

Description

The AJAX section of the CSRF page isn't clear about the need to include the template tag. The cookie isn't sent if the tag isn't included in the template, which is not explicitly mentioned at all on the page, and not even brought up anywhere near the AJAX section. There should be, somewhere either near the top or near the AJAX section, a note that is in a box or in some way delineated from the rest of the page, explaining that the cookie will only be sent if the template tag is used somewhere in the template. For AJAX requests, this isn't necessarily the case.

Note: this is after literally days of trying to track down why my CSRF token wasn't being sent. Perhaps it was an obvious solution, but perhaps not; after all, it's never mentioned in the docs. They imply that the cookie is always sent.

Change History (1)

comment:1 Changed 4 years ago by aaugustin

  • Easy pickings set
  • Needs documentation unset
  • Needs tests unset
  • Patch needs improvement unset
  • Resolution set to duplicate
  • Status changed from new to closed
  • Triage Stage changed from Unreviewed to Accepted

Pretty much the same issue was reported in #15354.

Note: See TracTickets for help on using tickets.
Back to Top