Django的403错误与CSRF令牌阿贾克斯视图 [英] django 403 error on ajax view with csrf token

查看:129
本文介绍了Django的403错误与CSRF令牌阿贾克斯视图的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!

问题描述

我试图找出如何使用Ajax在Django,和我一直运行到的403错误。 (这意味着,据我所知,这事与我的CSRF令牌出错。 但我不能找出我做错了。

I am trying to figure out how to use ajax with django, and i keep running into the 403 error. (which means as far as i know, that something with my CSRF token goes wrong. But i cant figure out what i do wrong.

网址:

urlpatterns = patterns('',
    url(r'^$', views.index, name='index'),
    url(r'^person/(?P<person_id>\d+)/$', views.person, name="person"),
    url(r'^search/$', views.search, name="search"),
    url(r'^search_person/$', views.search_person, name="search person"),
)

我的观点:

def search(request):
    args = {}
    args.update(csrf(request))
    return render(request, "search.html", args)

def search_person(request):
    if request.POST:
        search_text = request.POST['search_text']
    else:
        search_text = ""

    persons = Person.objects.filter(name__contains=search_text)
    return render_to_response("ajax_search.html", {"persons": persons})

我的模板: (search.html)

My templates: (search.html)

{% block js %}
    <script type="text/javascript" src="{% static 'assets/js/ajax_search.js' %}"></script>
{% endblock %}

{% block content %}
Search:<br>
{% csrf_token %}
<input type="text" id="search" name="search" />
<ul id="search-results">

</ul>
{% endblock %}

(ajax_search.html)

(ajax_search.html)

{% if persons.count > 0 %}
    {% for person in persons %}
    <li><a href="{% url 'person' person.id %}">{{ person.full_name }}</a></li>
    {% endfor %}

{% else %}
<li>No Results</li>

{% endif %}

和finaly我的jQuery

and finaly my jquery

$(function(){
    $('#search').keyup(function(){
        $.ajax({
            csrfmiddlewaretoken: $('input[csrfmiddlewaretoken]').val(), 
            type: "POST", 
            url: "/search_person/", 
            data: {
                'search_text': $('#search').val()
            },
            succes: searchSucces,
            dataType: "html"
        });
    });
});

function searchSucces(data, textStatus, jqXHR){
    $('#search-results').html(data);
}

我在做什么毛病我CSRF令牌?

What am i doing wrong with my csrf token?

推荐答案

想通了如何做到这一点,那么不妨张贴awnser。

Figured out how to do it, so might as well post the awnser.

function getCookie(name) {
    var cookieValue = null;
    if (document.cookie && document.cookie != '') {
        var cookies = document.cookie.split(';');
        for (var i = 0; i < cookies.length; i++) {
            var cookie = jQuery.trim(cookies[i]);
            // Does this cookie string begin with the name we want?
            if (cookie.substring(0, name.length + 1) == (name + '=')) {
                cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
                break;
            }
        }
    }
    return cookieValue;
}
var csrftoken = getCookie('csrftoken');


$(function(){
    $('#search').keyup(function(){
        $.ajax({type: "POST", url: "/search_person/", 
            data: {
                'search_text': $('#search').val(),
                csrfmiddlewaretoken: csrftoken
            },
            success: searchSuccess,
            dataType: "html"
        });     
    });
});

function searchSuccess(data, textStatus, jqXHR){
    $('#search_results').html(data);
}

这篇关于Django的403错误与CSRF令牌阿贾克斯视图的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!

查看全文
登录 关闭
扫码关注1秒登录
发送“验证码”获取 | 15天全站免登陆