CSRF token missing or incorrect.
var data = 'id=0'; POST_AJAX(data);
function getCookie(name) { var cookieValue = null; if (document.cookie && document.cookie != '') { var cookies = document.cookie.split(';'); for (var i = 0; i < cookies.length; i++) { var cookie = cookies[i].trim(); if (cookie.substring(0, name.length + 1) == (name + '=')) { cookieValue = decodeURIComponent(cookie.substring(name.length + 1)); break; } } } return cookieValue; } var csrftoken = getCookie('csrftoken'); data = 'csrftoken=' + csrftoken + '&' + data; var xhr = new XMLHttpRequest(); xhr.open("POST", '{% url 'to_friend' %}', true); xhr.setRequestHeader('Content-Type', ENCTYPE); xhr.onreadystatechange = function() { alert( xhr.status + ': ' + xhr.statusText ); } xhr.send(data);
def ToFriend(request): if request.method == "POST": user_id = request.POST.get("id",'') user = Profile.objects.get(id=user_id) print user return HttpResponse("ok!--=")
data = 'csrfmiddlewaretoken=' + csrftoken + '&' + data;