Django 403 forbidden

Question

Django 1.9.5 When I press the button on the console of my browser displayed an error " http://127.0.0.1:8000/encrypt [HTTP/1.0 403 Forbidden 4мс]" What is the problem?

home.html

$(document).ready(function() {
    $("#encrypt").click(function () {
        var postData = {
            text: $("#input-box").val(),
            rotate: $("#rotate").val()
        };
        $.post('encrypt', postData);
        return false;
    });
});
  </script>

  <div class="container">
    <legend>Caesar cipher</legend>
    <div class="row">
      <form name="ciepher" method="POST" action="">
        {% csrf_token %}
        <!--form code -->
         <button class="btn" name="encrypt" id="encrypt"><span class="icon-arrow-right"></span></button>
      </form>

urls.py:

urlpatterns = [
    url(r'^$', views.home, name="home"),
    url(r'^encrypt$', views.encrypt, name="encrypt")
]

views.py:

def home(request):
    return render_to_response("home.html", context_instance = RequestContext(request))

def encrypt(request):
    input_text = request.POST["text"]
    rotate = request.POST["rotate"]
    output_text = models.encode(input_text, rotate)
    frequency = models.get_frequency(input_text)
    return render_to_response("home.html", {'input_text': input_text, 'rotate': rotate, 'output_text': output_text, 'frequency': frequency}, context_instance = RequestContext(request))

Thank you

Answer 1

You're not sending the CSRF token. You have it in your form, but you're posting data via Ajax not via a normal form submission; you need to include the token in the Ajax post data.