Django CSRF验证失败。请求中止.- CSRF cookie未设置 [英] Django CSRF verification failed. Request aborted.- CSRF cookie not set
问题描述
我正在尝试写一个简单的原始表单。我直到现在还没有实现任何身份验证或会话机制(但是从我所看到的那样,对于这个问题并不重要)。如果我错了,请更正。)
当我试图提交我的表单,我收到这个错误:
禁止(403)
CSRF验证失败。请求中止。
故障原因:
未设置CSRF cookie。
这是我的代码:
我的Views.py有这样的方法:
def submit(request):
全局alphabet_array
菜肴=菜.objects.all()。order_by('name')
如果request.method ==POST:
print request.POST ['restaurant']
print request.POST ['评价']
render_to_response('index.html',{},context_instance = RequestContext(request))
else:
render_to_response('index.html',{},context_instance = RequestContext请求))
许多人都说使用RequestContext解决了这个问题,但对我来说,即使这样也不行。
模板如下所示:
< form role = formaction =/ submit /method =post> {%csrf_token%}
< div class =form-group>
< label for =>餐厅名称< / label>
< input type =textname =restaurantclass =form-controlid =>
< / div>
< div class =form-group>
< label for =>评分< / label>
< select class =form-controlname =rating>
< option> - < / option>
< option> 1(非常糟糕)< / option>
< option> 2(bad)< / option>
< option> 3(平均)< / option>
< option> 4(好)< / option>
< option> 5(优秀)< / option>
< / select>
< / div>
< button type =submitclass =btn btn-primary btn-block>< i class =fa fa-check-circle>< / i>保存和LT; /按钮>
< / form>
settings.py中的middleware_classes如下所示:
MIDDLEWARE_CLASSES =(
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
' django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
)
django.middleware.csrf.CsrfViewMiddleware位于'django.contrib.sessions.middleware.SessionMiddleware' / p>
我的url.py有条目:
url(r' ^ admin /',include(admin.site.urls)),
url(r'^ index / $','testapp.views.index'),
url(r' ^ starts_with /(?P< alphabet>。+)/ dish /(?P< dish_id> \d +)/ $','testapp.views.alphabet_dish'),
url(r'^ starts_with /( ?P<字母>。+)/ $','t estapp.views.alphabet'),
url(r'^ submit / $','testapp.views.submit'),
我真的不知道这里有什么问题。正如我所说,我已经在这里看过类似的帖子,并尝试回应中提到的一切。我错过了什么?我的浏览器是Chrome,它正在接受Cookie。
您的CSRF设置正常。问题是您没有返回结果。记住,视图是一个函数。你需要 return render_to_response(...)
不只是调用它(这也是为什么通过删除CSRF你得到的没有返回一个HttpResponse
错误)
除此之外,你正在做一些非常错误的一般事情:
- 不要使用render_to_response (使用render)。
- 不要重复你自己
- 不要在django中使用全局变量。
因此:
def submit(request):
#global alphabet_array
dishes = Dish.objects.all ().order_by('name')
如果request.method ==POST:
print request.POST ['restaurant' ]
print request.POST ['rating']
return render(request,'index.html',{})
I know this question has been asked before. I have tried almost all the options given by people but I cannot seem to solve it. I am a complete newbie so please let me know where I am going wrong.
I am trying to write a simple raw form. I have not implemented any authentication or session mechanism until now (but from what I have read that does not matter to this problem. Correct me if I am wrong).
When I try to submit my form, I get this error:
Forbidden (403)
CSRF verification failed. Request aborted.
Reason given for failure:
CSRF cookie not set.
This is my code:
My Views.py has this method:
def submit(request):
global alphabet_array
dishes = Dish.objects.all().order_by('name')
if request.method == "POST":
print request.POST['restaurant']
print request.POST['rating']
render_to_response('index.html', {}, context_instance=RequestContext(request))
else:
render_to_response('index.html', {}, context_instance=RequestContext(request))
Many have said that using RequestContext solves this issue but for me even that is not working.
The template looks as below:
<form role="form" action="/submit/" method="post">{% csrf_token %}
<div class="form-group">
<label for="">Restaurant Name</label>
<input type="text" name="restaurant" class="form-control" id="">
</div>
<div class="form-group">
<label for="">Rating</label>
<select class="form-control" name="rating">
<option>--</option>
<option>1 (very bad)</option>
<option>2 (bad)</option>
<option>3 (average)</option>
<option>4 (good)</option>
<option>5 (excellent)</option>
</select>
</div>
<button type="submit" class="btn btn-primary btn-block"><i class="fa fa-check-circle"></i> Save</button>
</form>
The middleware_classes in settings.py looks like:
MIDDLEWARE_CLASSES = (
'django.middleware.common.CommonMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
)
django.middleware.csrf.CsrfViewMiddleware is there and it is below 'django.contrib.sessions.middleware.SessionMiddleware'
My url.py is has entries:
url(r'^admin/', include(admin.site.urls)),
url(r'^index/$', 'testapp.views.index'),
url(r'^starts_with/(?P<alphabet>.+)/dish/(?P<dish_id>\d+)/$', 'testapp.views.alphabet_dish'),
url(r'^starts_with/(?P<alphabet>.+)/$', 'testapp.views.alphabet'),
url(r'^submit/$', 'testapp.views.submit'),
I am really not sure what is the problem here. As I said, I have read similar posts here and tried everything mentioned in the responses. What have I missed? My browser is Chrome and it is accepting cookies.
Your CSRF setup is fine. The problem is you are not returning the result. Remember that the view is a function. You need to return render_to_response(...)
not just call it (which is also why by removing CSRF you got the didn't return an HttpResponse
error)
Other than that, you are doing a few general things that are django-ically wrong:
Hence:
def submit(request):
# global alphabet_array
dishes = Dish.objects.all().order_by('name')
if request.method == "POST":
print request.POST['restaurant']
print request.POST['rating']
return render(request, 'index.html', {})
这篇关于Django CSRF验证失败。请求中止.- CSRF cookie未设置的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!