5

我正在一个项目中实现 django-ajax-uploader,但我想使用当前低于 3.5.0 的最新版本的 Fineuploader,据推测,因为文档说我唯一应该做的发送 csrf_token 就是将它放在 customHeaders 字典中:

如果您想使用最新版本的 Fine Uploader,因为现在调用 valum 的文件上传器,而不是与 django-ajax-uploader 捆绑的那个,您可以通过将上述模板中的 params 参数替换为以下 customHeaders 来实现:

customHeaders: { 'X-CSRFToken': '{{ csrf_token }}', },

这是我的完整代码:

...    
        <h1>qq-file-uploader</h1>
        <div id="upload-button" class="btn btn-primary"><i class="icon icon-cloud-upload icon-white"></i> Selecciona un archivo</div>
        <div id="file-upload"></div>
    </form>
{% endblock %}

{% block styles %}
    <link rel="stylesheet" type="text/css" href="{{ STATIC_URL }}js/libs/jquery.fineuploader-3.5.0/fineuploader-3.5.0.css"/>
{% endblock %}

{% block javascript %}
    <script type="text/javascript" src="{{ STATIC_URL }}js/libs/jquery.fineuploader-3.5.0/jquery.fineuploader-3.5.0.min.js"></script>
    <script type="text/javascript">
        $(function(){
            $('div#file-upload').fineUploader({
                customHeaders: {
                    'X-CSRFToken': '{{ csrf_token }}'
                },
                request: {
                    endpoint: '{% url 'documents:qq_file_uploader' %}'
                },
                button: $('div#upload-button'),
                multiple: false,
            });
        });
    </script>
{% endblock %}

在我的views.py我有:qq_file_uploader = AjaxFileUploader()

每次我尝试在视图中上传任何文件时,我都会收到 403 错误:CSRF verification failed. Request aborted.

4

2 回答 2

4

使用 request.params 设置令牌并通过 POST 发送。

...
request: {
    endpoint: '{% url 'documents:qq_file_uploader' %}',
    params: {
        'csrfmiddlewaretoken': '{{ csrf_token }}'
    }
},
...
于 2013-05-02T14:52:00.457 回答
3

It looks like you didn't follow the directions you quoted at all. The proper use of custom headers are also described in the Fine Uploader documentation.

Remove your customFields property entirely and modify your request property to read:

request: {
   endpoint: '{% url 'documents:qq_file_uploader' %}'
   customHeaders: {
      'X-CSRFToken': '{{ csrf_token }}'
   }
}
于 2013-05-02T14:30:54.517 回答