django csrf 请求上下文 [英] django csrf RequestContext

问题描述

如果我在表单模板中包含 {% csrf_token%} 并在我的视图中导入 RequestContext，

If I include {% csrf_token%} in my form template and import RequestContext in my view,

在我看来，我是否必须包括其他任何内容，或者是否需要处理 csrf 保护，只需以下几点:

do I have to include anything else in my view or will the csrf protection be taken care of just be the following:

from django.shortcuts import render_to_response
from django import forms
from django.http import HttpResponseRedirect
from django.template import Template, RequestContext
from dash.forms import GradeForm


def register(request):
    if request.method == 'POST':
        form = GradeForm(data=request.POST)
        if form.is_valid():
            new_dash_profile = form.save()
            new_user = form.save()
            return  HttpResponseRedirect("/success/")
        else:
            form = RegisterForm()
        return render_to_response('grade.html',{'form':form})

推荐答案

对我来说，最简单的方法是在 render_to_response 函数中添加一个 RequestContext

To me, the easiest way is to add a RequestContext to the render_to_response function

return render_to_response('grade.html',
                          {'form':form},
                          context_instance=RequestContext(request))

这只是一种可能性，重要的是你应该在某处处理 csrf 令牌，RequestContext 会这样做.

This is just one possibility, the important thing is that you should process the csrf token somewhere, and RequestContext does that.

另一种可能是手动执行 ir:

An other possibility is to do ir manually:

from django.core.context_processors import csrf

params = {}
params.update(csrf(request))
return render_to_response('grade.html', params)

这篇关于django csrf 请求上下文的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！