Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Welcome To Ask or Share your Answers For Others

Categories

0 votes
354 views
in Technique[技术] by (71.8m points)

CSRF verification failed on Production environment Django

I am using Django v2.2.8 with python 3.6.9. My payment gateway falls back on url which i specified i.e. https://example.com/success, https://example.com/failure after the transaction. However, i have used csrf_exempt on the views handling these urls which works fine in local environment but on production it gives 403 forbidden csrf verification failed.

Even on disabling whole CSRF middleware, error persists.

views.py

@csrf_exempt
def payu_failure(request):
    data = {k: v[0] for k, v in dict(request.POST).items()}
    response = payu.verify_transaction(data)
    return JsonResponse(response)

source from https://github.com/renjithsraj/paywix/blob/master/PAYU.md

settings.py

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

urls.py has proper configuration

path('failure', views.payu_failure, name='payu_failure'),
question from:https://stackoverflow.com/questions/65934935/csrf-verification-failed-on-production-environment-django

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome To Ask or Share your Answers For Others

1 Answer

0 votes
by (71.8m points)
Waitting for answers

与恶龙缠斗过久,自身亦成为恶龙;凝视深渊过久,深渊将回以凝视…
Welcome to OStack Knowledge Sharing Community for programmer and developer-Open, Learning and Share
Click Here to Ask a Question

2.1m questions

2.1m answers

60 comments

57.0k users

...