HTTP 403 with django form submission only on IE9

When using a standard Django form, i get a 403 ony when using IE. I investigated with wireshark, and my guess is that it comes from an incompatibility between IE and the nginx server. Details can be found here :

Any idea ?


It's unlikely to be incompatibility with Nginx. What is more likely is IE9 having not playing nicely with Django. People are reporting weirdness. See here for example.

Are you using any plugins in IE9? Anything that might block cookies? I imagine it would work if you turned of csrf protection. But obviously that's not a great solution. From reading that blog post above it seems like it could be tricky to debug. It sounds like you need to manually fiddle with the output of Django's form to make it work.

Certainly the HTTP headers you list in the SO post you linked both look fine to me, and I'd be quite surprised if IE9 failed to work with the third most popular webserver on the web.

I would be interested in seeing the wireshark capture of the POST request that IE9 is making to Django. I imagine it is not sending the hidden CSRF input field. That will trigger a 403 from Django. If you can get IE9 to send that field along with the rest of the POST data then it will work.