Django 1.9 CSRF验证失败。请求中止 [英] Django 1.9 CSRF verification failed. Request aborted
问题描述
我有一个CSRF问题。我知道必须使用:{%csrf_token%},但问题是一样的。
这是我的形式:
< form action =。方法= POST >
{%csrf_token%}
.......
< / form>
views.py:
尝试1 :
$ / $ c $ def $ $ c>
尝试2:
def registro (请求):
c = {}
c.update(csrf(request))
返回render_to_response('registro.html',c)
尝试3:
def registro(request) :
c = {}
return render(request,'nuevavista.html',c)
完成views.py:
from django.shortcuts import render_to_response,HttpResponse,render,RequestContext
from django.core.context_processors导入csrf
from django.utils import timezone
from .models import Articulo
from django.template import RequestContext
#在这里创建您的视图。
#Nueva vista
def nuevavista(request):
#return render_to_response(request,'nuevavista.html')
# return render(request,'blog / nuevavista.html')
#return HttpResponse('Nueva web')
return render_to_response(request,'nuevavista.html')
#return render_to_response(' nuevavista.html',context_instance = RequestContext(request))
def registro(request):
#if request.method =='POST':
c = {}
#c.update(csrf(request))
#return render_to_response('registro.html',c)
#return render(request,'registro.html',context_instance = RequestContext(request) )
#return HttpResponse('Hola')
return render(request,'nuevavista.html',c)
def home(request):
articulos = Articulo.objects.all()。order_by(' - fecha')
返回render_to_response('index.html',{'articulos':articulos})
urls .py:
from django.conf.urls import include,url
from django.contrib import admin
admin.autodiscover()
urlpatterns = [
#url de nueva vista
url(r'^ nuevavista','blog.views.nuevavista',name =nuevavista ),
url(r'^ registro','blog.views.registro',name =registro),
url(r'^ admin /' ,admin.site.urls),
url(r'^ blog /','blog.views.home',name ='home'),
]
index.html:
!doctype html>
{%load staticfiles%}
< html lang =en>
< head>
< meta charset =utf-8>
< title> Mi pagina< / title>
<! - < link rel =stylesheethref =css / styles.css?v = 1.0> - >
< link rel =stylesheethref ={%static'css / estilo.css'%}/>
< / head>
< body>
< p> Mi primera pagina< / p>
{%在articulos%}
< h1> < a href ={%url'blog.views.nuevavista'%}> Titulo {{articulo.titulo}}< / a>< / h1>
< p> Autor {{articulo.autor}}< / p>
< p> Texto del articulo {{articulo.texto}}< / p>
< p> Fecha {{articulo.fecha}}< / p>
{%endfor%}
< p> Formulario< / p>
< form action =。方法= POST >
{%csrf_token%}
<! - < input type ='hidden'name ='csrfmiddlewaretoken'value ='randomchars'/>
< label> Nombre:< / label>
< input id =nombretype =textmaxlength =100>
< input type =submitvalue =envíar>
< / form>
< / body>
< / html>
registro.html:
<!doctype html>
{%load staticfiles%}
< html lang =en>
< head>
< meta charset =utf-8>
< title> Mi pagina< / title>
<! - < link rel =stylesheethref =css / styles.css?v = 1.0> - >
< link rel =stylesheethref ={%static'css / estilo.css'%}/>
< / head>
< body>
< p> Registro< / p>
< / body>
< / html>
对于 {%csrf_token %}
标签工作,您必须确保使用请求对象呈现模板(请参阅文档)。
最简单的方法是使用 render
快捷方式而不是 render_to_response
。不建议使用 render_to_response
方法,并且将来可能会从Django中删除。
从django.shortcuts import render
def registro(request):
c = {}
#把你需要的任何其他上下文c
#不需要c.update(csrf(request)),因为我们使用render
return render(request,'registro.html',c)
您需要更新在其模板中使用csrf_token的任何视图。在这种情况下,您尚未更新 index.html
模板中的 home
视图。 / p>
def home(request):
articulos = Articulo.objects.all()。order_by(' - fecha')
return render(request,'index.html',{'articulos':articulos})
I have a problem with CSRF. I know must use: {% csrf_token %} but the problem is the same.
This my form:
<form action="." method="post">
{% csrf_token %}
.......
</form>
views.py:
Try 1:
def registro(request):
return HttpResponse('Hola')
Try 2:
def registro(request):
c={}
c.update(csrf(request))
return render_to_response('registro.html',c)
Try 3:
def registro(request):
c={}
return render(request,'nuevavista.html',c)
complete views.py:
from django.shortcuts import render_to_response, HttpResponse, render,RequestContext
from django.core.context_processors import csrf
from django.utils import timezone
from .models import Articulo
from django.template import RequestContext
# Create your views here.
#Nueva vista
def nuevavista(request):
#return render_to_response(request,'nuevavista.html')
#return render(request,'blog/nuevavista.html')
#return HttpResponse('Nueva web')
return render_to_response(request,'nuevavista.html')
#return render_to_response('nuevavista.html',context_instance=RequestContext(request))
def registro(request):
#if request.method=='POST':
c={}
#c.update(csrf(request))
#return render_to_response('registro.html',c)
#return render(request,'registro.html',context_instance=RequestContext(request))
#return HttpResponse('Hola')
return render(request,'nuevavista.html',c)
def home(request):
articulos = Articulo.objects.all().order_by('-fecha')
return render_to_response('index.html',{'articulos':articulos})
urls.py:
from django.conf.urls import include,url
from django.contrib import admin
admin.autodiscover()
urlpatterns = [
#url de nueva vista
url(r'^nuevavista','blog.views.nuevavista',name="nuevavista"),
url(r'^registro','blog.views.registro',name="registro"),
url(r'^admin/', admin.site.urls),
url(r'^blog/', 'blog.views.home',name='home'),
]
index.html:
<!doctype html>
{% load staticfiles %}
<html lang="en">
<head>
<meta charset="utf-8">
<title>Mi pagina</title>
<!--<link rel="stylesheet" href="css/styles.css?v=1.0">-->
<link rel="stylesheet" href="{% static 'css/estilo.css' %}" />
</head>
<body>
<p>Mi primera pagina </p>
{% for articulo in articulos %}
<h1> <a href="{% url 'blog.views.nuevavista' %}" >Titulo {{articulo.titulo}}</a></h1>
<p>Autor {{articulo.autor}}</p>
<p>Texto del articulo {{articulo.texto}}</p>
<p>Fecha {{articulo.fecha}} </p>
{% endfor %}
<p>Formulario</p>
<form action="." method="post">
{% csrf_token %}
<!--<input type='hidden' name='csrfmiddlewaretoken' value='randomchars'/>-->
<label> Nombre: </label>
<input id="nombre" type="text" maxlength="100">
<input type="submit" value="envíar">
</form>
</body>
</html>
registro.html:
<!doctype html>
{% load staticfiles %}
<html lang="en">
<head>
<meta charset="utf-8">
<title>Mi pagina</title>
<!--<link rel="stylesheet" href="css/styles.css?v=1.0">-->
<link rel="stylesheet" href="{% static 'css/estilo.css' %}" />
</head>
<body>
<p>Registro </p>
</body>
</html>
For the {% csrf_token %}
tag to work, you must ensure that the template is rendered with the request object (see the docs).
The easiest way to do this is to use the render
shortcut instead of render_to_response
. The render_to_response
method is not recommended, and is likely to be removed from Django in future.
from django.shortcuts import render
def registro(request):
c = {}
# put any other context you need in c
# no need for c.update(csrf(request)) because we're using render
return render(request, 'registro.html', c)
You need to update any views that use csrf_token in their templates. In this case, you haven't updated the home
view that renders the form in the index.html
template.
def home(request):
articulos = Articulo.objects.all().order_by('-fecha')
return render(request, 'index.html', {'articulos':articulos})
这篇关于Django 1.9 CSRF验证失败。请求中止的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!