CSRF cookie未设置django ...验证失败 [英] CSRF cookie not set django...verification failed
本文介绍了CSRF cookie未设置django ...验证失败的处理方法,对大家解决问题具有一定的参考价值,需要的朋友们下面随着小编来一起学习吧!
问题描述
AoA
我是新的Django,我试图从POST获取数据,但得到错误CSRF cookie未设置,我试图很多通过google找到解决方案google和stackoverflow,但失败
AoA I am new to Django, I am trying to get data from POST, but getting error CSRF cookie not set, I tried alot to find the solution on google and stackoverflow via google too, but failed
这里是代码
from django.http import HttpResponse
from django.template.loader import get_template
from django.template import Context
from django.template import RequestContext
from django.core.context_processors import csrf
from django.shortcuts import render_to_response
def search_Post(request):
if request.method == 'POST':
c = {}
c.update(csrf(request))
# ... view code here
return render_to_response("search.html", c)
def search_Page(request):
name='Awais you have visited my website :P'
t = get_template('search.html')
html = t.render(Context({'name':name}))
return HttpResponse(html)
HTML文件
HTML File
<p>
{{ name }}
<form method="POST" action="/save/">
{% csrf_token %}
<textarea name="content" rows="20" cols="60">{{content}}</textarea><br>
<input type="submit" value="Save Page"/>
</form>
<div> Cant figure out any solution! :( </div>
</p>
.py
url.py
url(r'^home/$', 'contacts.views.home_Page'),
url(r'^save/$', 'contacts.views.search_Post'),
url(r'^edit/$', 'contacts.views.edit_Page'),
url(r'^search/$', 'contacts.views.search_Page'),
settings.py
settings.py
TEMPLATE_CONTEXT_PROCESSORS = (
'django.core.context_processors.csrf',
'django.contrib.auth.context_processors.auth',
'django.core.context_processors.debug',
'django.core.context_processors.i18n',
'django.core.context_processors.media',
'django.core.context_processors.static',
'django.core.context_processors.request',
'django.contrib.messages.context_processors.messages'
)
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
# Uncomment the next line for simple clickjacking protection:
# 'django.middleware.clickjacking.XFrameOptionsMiddleware',
)
推荐答案
我有同样的问题,并通过添加 ensure_csrf_cookie decorator 到您的视图:
I had the same problem, and resolved it by adding the ensure_csrf_cookie decorator to your view:
from django.views.decorators.csrf import ensure_csrf_cookie
@ensure_csrf_cookie
def yourView(request):
#...
它会在浏览器cookie中设置csrftoken,并且可以像这样创建ajax
It will set csrftoken in browser cookie and you can make ajax like this
function getCookie(name) {
var cookieValue = null;
if (document.cookie && document.cookie != '') {
var cookies = document.cookie.split(';');
for (var i = 0; i < cookies.length; i++) {
var cookie = jQuery.trim(cookies[i]);
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) == (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
return cookieValue;
}
function csrfSafeMethod(method) {
// these HTTP methods do not require CSRF protection
return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
}
$.ajaxSetup({
crossDomain: false, // obviates need for sameOrigin test
beforeSend: function(xhr, settings) {
if (!csrfSafeMethod(settings.type)) {
xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken'));
}
}
});
$.ajax({
url: url,
type: type,
async: async,
data: data,
error: function (e) {},
success: function (data) {
returnFunction(data);
}
});
这篇关于CSRF cookie未设置django ...验证失败的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
查看全文
