askbot-devel
Forbidden (403) CSRF verification failed. When converting an answer to comment and back to an answer 0.11.x
On 0.11.x, after I converted an answer to a comment by clicking on the "repost as a question comment" button, I changed my mind and wanted to post it as an answer again by pressing "convert to answer", and I got this:
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF token missing or incorrect.
The part of the displayed page that has the "convert to answer" link is created with JavaScript, i.e. on the client side. This means the CSRF token is not rendered into the link by Askbot. Instead, JavaScript reads it directly from the cookie.
I can reproduce your problem by adding CSRF_COOKIE_HTTPONLY = True to my settings.py. According to the fine manual,
If this is set to True, client-side JavaScript will not be able to access the CSRF cookie.
As you apparently can use Askbot, but not that particular function, my best guess is you have that option set. Can you please check if you have that setting? To be sure, can you please also check whether the cookie in your browser, when you reproduce the problem, has http_only set?
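Added example, not part of the thread and not Askbot's own code: a model of why the cookie lookup comes back empty once the CSRF cookie is HttpOnly, with a fallback that reads a token rendered into the page. It assumes Django's default names (`csrftoken` cookie, `csrfmiddlewaretoken` form field, `X-CSRFToken` header) and that the server renders the token into the HTML; the function names and sample values are constructed for illustration.

```javascript
// Added example: models what document.cookie exposes, plus a DOM fallback.
// Assumed Django defaults: cookie "csrftoken", form field
// "csrfmiddlewaretoken", request header "X-CSRFToken".

// Build the string a page script would see in document.cookie from
// Set-Cookie header values: cookies flagged HttpOnly are left out.
function scriptVisibleCookies(setCookieHeaders) {
  const isHttpOnly = (h) =>
    h.split(';').slice(1).some((a) => a.trim().toLowerCase() === 'httponly');
  return setCookieHeaders
    .filter((h) => !isHttpOnly(h))
    .map((h) => h.split(';')[0].trim())
    .join('; ');
}

// Cookie lookup as client-side code typically does it.
function getCookie(cookieString, name) {
  for (const part of cookieString.split(';')) {
    const [key, ...rest] = part.trim().split('=');
    if (key === name) return decodeURIComponent(rest.join('='));
  }
  return null;
}

// Prefer the cookie; fall back to a token rendered into the page.
// `doc` only needs querySelector (a browser document qualifies).
function resolveCsrfToken(cookieString, doc) {
  const fromCookie = getCookie(cookieString, 'csrftoken');
  if (fromCookie) return fromCookie;
  const field = doc.querySelector('[name=csrfmiddlewaretoken]');
  return field ? field.value : null;
}

// Headers for a same-origin POST; empty when no token could be found,
// which is the case that ends in "CSRF token missing or incorrect".
function csrfHeaders(cookieString, doc) {
  const token = resolveCsrfToken(cookieString, doc);
  return token ? { 'X-CSRFToken': token } : {};
}

// Constructed sample data (not taken from the issue).
const SAMPLE_TOKEN = 'constructed-sample-token';
const plainCookies = [`csrftoken=${SAMPLE_TOKEN}; Path=/`, 'lang=en; Path=/'];
const httpOnlyCookies = [`csrftoken=${SAMPLE_TOKEN}; HttpOnly; Path=/`, 'lang=en; Path=/'];
const emptyDoc = { querySelector: () => null };
const docWithField = { querySelector: (sel) =>
  (sel === '[name=csrfmiddlewaretoken]' ? { value: SAMPLE_TOKEN } : null) };
```

In a browser, pass `document.cookie` and `document` to `csrfHeaders` and merge the result into the request headers.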