Django 1.9: CSRF token missing or incorrect using Stripe

Question

This might be a duplicate but i tried using RequestContext from other answers but it didnt work for me

checkout_test.html:

<form action="" method="POST"> {% csrf_token %}
    <script src="https://checkout.stripe.com/checkout.js" class="stripe-button"
        data-key="pk_test_37uDrOYvvyyJSLoV0ziJcYyl"
        data-amount="2000"
        data-name="Demo Site"
        data-description="2 widgets ($20.00)"
        data-image="/128x128.png"
        data-locale="auto">
    </script>
</form>

views.py

def user_review_list(request, username=None, errmsg=None):
    return render(request, 'checkout_test.html', {})

so in user_review_list.html, there is a button provided by stripe when i fill out info and click the button, it raises error:

CSRF token missing or incorrect.

How can i fix this?

I've already tried changing render to render_to_response with RequestContext but that didnt work

score 2 · Accepted Answer · answered Feb 29 '16 at 04:12

2

You cannot pass your CSRF cookie to Stripe and back. One workaround is to use the @csrf_exempt decorator:

from django.views.decorators.csrf import csrf_exempt

@csrf_exempt
def user_review_list(request, username=None, errmsg=None):
    ...

answered Feb 29 '16 at 04:12

Selcuk

57,004
12
102
110

Django 1.9: CSRF token missing or incorrect using Stripe

1 Answers1