Django Forbidden (CSRF cookie not set.): / POST / HTTP/1.1" 403 2864 on Google Colab

Question

so i'm tryin to run my Django web program on Google collab based on this tutorial https://medium.com/@arsindoliya/running-django-on-google-colab-ea9392cdee86

And i did it the web can running! running web

But, if i want to make POST it's always error like this

Forbidden (CSRF cookie not set.): / [22/Feb/2022 02:13:47] "POST / HTTP/1.1" 403 2864

And i'm already try some solution like put the CSRF_COOKIE_SECURE = True inside my settings.py but still not working and i do put the @csrf_token on my form too and it's still not working.

Also i wanna try this solution to

from django.views.decorators.csrf import csrf_exempt

but i'm still don't understand how to use that.

Does anyone has a solution for it? I'm still new in Django and i made it for my college's final project, so any solution that you guys make really helpful for me. Thank you

Answer 1

2 ways to solve this problem.

1. comment out the code about MIDDLEWARE in settings.py like this：

MIDDLEWARE = [
    'django.middleware.security.SecurityMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.common.CommonMiddleware',
    # 'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
    'django.middleware.clickjacking.XFrameOptionsMiddleware',
]

2. use @csrf_exempt to handle it,like this:

from django.views.decorators.csrf import csrf_exempt


@csrf_exempt
def rule_api(request):

    pass

Answer 2

In Django you useing method post you should do add it:

{% csrf_token %}

you can refer if at: https://docs.djangoproject.com/en/4.0/ref/csrf/