Django:禁止(未设置CSRF cookie.) [英] Django: Forbidden (CSRF cookie not set.)
本文介绍了Django:禁止(未设置CSRF cookie.)的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
我遇到未设置CSRF Cookie"的问题.我需要的是外部计费平台将更新发送到django服务器.它在本地可与Postman一起使用,但在演示服务器中无法使用...
I am having a problem with "CSRF cookie not set". All I need is that the external billing platform send the update to the django server. Locally it works with Postman but in the demo server its not working...
# views.py
from django.views.decorators.csrf import csrf_exempt
from django.http import JsonResponse
@csrf_exempt
def postback(request):
print(request.POST)
return JsonResponse({'ok': 'hoooh!'})
# urls.py
from django.conf.urls import url
from billing import views
urlpatterns = [
url(r'^postback/$', views.postback),
]
错误
Forbidden (CSRF cookie not set.): /billing/postback/
[21/Jul/2016 10:49:21] "POST /billing/postback/ HTTP/1.1" 403 2682
回发到requestb服务器的结果
https://requestb.in/p0rihap0?inspect#t67d6c
- Python 3.5.1 +
- Django 1.10rc1
推荐答案
如果您在设置文件中将 CSRF_COOKIE_SECURE 设置为 True ,则cookie将为标记为安全",因此需要HTTPS连接.
If you have set the CSRF_COOKIE_SECURE to be True in your settings file, then the cookie will be marked as "secure" and therefore will need an HTTPS connection.
这就是为什么您收到该错误的原因.
Which is why you receive that error.
有关详细信息,请此处.
这篇关于Django:禁止(未设置CSRF cookie.)的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
