CSRF 令牌丢失或不正确，即使包含令牌标签 [英] CSRF token missing or incorrect, even after including the token tag

问题描述

我收到CSRF 令牌丢失或不正确"错误，但我已经在网络表单中添加了 {% csrf_token%} 标记.知道为什么我仍然面临这个错误吗?

I am getting a 'CSRF token missing or incorrect' error, but I have already added the {% csrf_token%} tag in the web form. Any idea why I still face this error?

def index(request):
    if request.method == 'POST':
        form = RequestForm(request.POST)
        if form.is_valid():
            form.save()
            return render(request, 'index.html')
    else:
        form = RequestForm()
    return render(request, 'index.html', {'form': form})`

我无法发布模板，但我使用了如下所示的令牌

I cannot post the template, but I use the token as shown in line below

<form id="reqForm" action="" method="POST" enctype="text/plain">{% csrf_token %}

推荐答案

看起来您的问题出在表单中的 enctype="text/plain".CSRF 保护假设 post 数据是表单编码的.

It looks like your problem is enctype="text/plain" in your form. The CSRF protection assumes that the post data is form encoded.

最简单的解决方法是完全删除它，这相当于:

The simplest fix is to remove that entirely, which is equivalent to:

enctype="enctype=application/x-www-form-urlencoded"

如果您在表单中上传文件，您将使用:

If you were uploading files in your form you would use:

enctype="multipart/form-data"

这篇关于CSRF 令牌丢失或不正确，即使包含令牌标签的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！