2 problems with django-cookie-consent
9mido opened this issue · 3 comments
I also mentioned this issue in django-cookie-consent. Maybe both maintainers could work together to sort this out.
jazzband/django-cookie-consent#26
2 issues when using the combined middleware with django-cookie-consent.
Removing the combined middleware and django-honeypot completely caused both issues to go away.
First one is that I am unable to accept or decline cookies from the cookie bar that django-cookie-consent uses:
https://github.com/bmihelac/django-cookie-consent/blob/master/tests/core/templates/test_page.html
POST http://127.0.0.1:8000/cookies/accept/Stripe,Youtube/ 400 (Bad Request)
django-cookie-consent line showing the problem:
fetch(e.target.getAttribute("href"), {method: "POST"})
Failed to load resource. Responded a status of 400.
Tried changing the field name setting and that did not work.
The second one is that I am unable to use {% extends app/file.html %} to customize the honeypot_error.html file to make it look like the CSS the rest of my project uses.
If accepting or declining from the cookie bar:
POST http://127.0.0.1:8000/cookies/decline/Stripe,Youtube/ 500 (Internal Server Error)
django-cookie-consent line showing the problem:
fetch(e.target.getAttribute("href"), {method: "POST"})
If filling out the form (at /contact/ for example) and passing a value to the hidden django-honeypot value:
AttributeError at /contact/
'str' object has no attribute 'COOKIES'
cookie_consent/util.py in get_cookie_dict_from_request, line 36
https://github.com/bmihelac/django-cookie-consent/blob/master/cookie_consent/util.py
Reading the other issue, it sounds like honeypot isn't the issue. Going to close this, but if you have a test case that reproduces this feel free to reopen/open a new issue.
Yea I think you're right it seems to be a problem with django-cookie-consent. I left it here as an extra advertising place in hopes to get someone more experienced than me to fix it. Unfortunately they cannot reproduce the issue or view the videos I made for them. I would love to use django-honeypot but I cannot because the django-cookie-consent problem is not fixed.
I've looked into this issue as a maintainer of django-cookie-consent, and my conclusion is that the bug is in django-honeypot:
django-honeypot/honeypot/decorators.py
Line 29 in f532e45
does not pass the request to render_to_string, which causes Django not to use the right context and makes it so that context processors don't run. This in turn crashes django-cookie-consent because it requires the request to be available in the template context.