5

This is my view.py I am trying to get a response from a Payment Gateway but m getting an 403 Forbidden CSRF verification failed. Request aborted. after Payment I exempted CSRF Token for the view but still its showing same Error

from django.views.decorators.csrf import csrf_exempt

@csrf_exempt
def resp(request, encResp):
    print " RESPONSE WITH CSRF EXEMPT " 
    '''
    Please put in the 32 bit alphanumeric key in quotes provided by CCAvenues.
    '''
    workingKey = WorkingKey
    decResp = decrypt(encResp,workingKey)
    data = '<table border=1 cellspacing=2 cellpadding=2><tr><td>'   
    data = data + decResp.replace('=','</td><td>')
    data = data.replace('&','</td></tr><tr><td>')
    data = data + '</td></tr></table>'

    html = '''\
    <html>
        <head>
            <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
            <title>Response Handler</title>
        </head>
        <body>
            <center>
                <font size="4" color="blue"><b>Response Page</b></font>
                <br>
                $response
            </center>
            <br>
        </body>
    </html>
    '''
    fin = Template(html).safe_substitute(response=data)
    return HttpResponse(fin)

I read many solutions on stackoverflow and tried but still cant get it right

My main urls.py

url(r'^booked/', include('booking.urls')),

My urls.py in app named booking

urlpatterns = patterns('',
url(r'^responce-cc/', "booking.views.resp", name="cc_response_url"),)

and the redirect url I am passing to payment gateway is

https://www.mysitename.com/booked/responce-cc/
Bijoy
  • 1,131
  • 1
  • 12
  • 23
  • 1
    With @csrf_exempt, I don't think you can get a CSRF verification error. You must somehow be calling another view. – RemcoGerlich Dec 12 '16 at 15:54
  • No i have the correct url of the view, but still gets the same error – Bijoy Dec 13 '16 at 03:50
  • Still the error is somewhere in that. Maybe post your whole urlconf and the URL you're calling? – RemcoGerlich Dec 13 '16 at 12:35
  • I have added urls.py for the following issue – Bijoy Dec 14 '16 at 03:54
  • I had same issue, again on an another project, wierdly enough i just pasted the view with `csrf_exempt` in other app's view (same project) and configured the urls and it worked !!! – Bijoy Apr 28 '18 at 03:59

2 Answers2

0
from ccavutil import encrypt,decrypt
from string import Template
from django.http import HttpResponse

def res(encResp):
'''
Please put in the 32 bit alphanumeric key in quotes provided by CCAvenues.
'''  
workingKey = 'WorkingKey'
decResp = decrypt(encResp,workingKey)
data = '<table border=1 cellspacing=2 cellpadding=2><tr><td>'   
data = data + decResp.replace('=','</td><td>')
data = data.replace('&','</td></tr><tr><td>')
data = data + '</td></tr></table>'

html = '''\
<html>
    <head>
        <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
        <title>Response Handler</title>
    </head>
    <body>
        <center>
            <font size="4" color="blue"><b>Response Page</b></font>
            <br>
            $response
        </center>
        <br>
    </body>
</html>
'''
fin = Template(html).safe_substitute(response=data)
return HttpResponse(fin)

Use the above code to have everything in place! :)

Aman Khantaal
  • 1
  • It is the same code I wrote, also i had imported Template, HttpResponse and encrypt, decrypt . – Bijoy Jan 02 '17 at 04:33
-1

add {% csrf_token %} somewhere between body.

Roman Marusyk
  • 23,328
  • 24
  • 73
  • 116
user7285867
  • 1