2

我无法绕过 CSRF 令牌验证 403 错误。这是我所拥有的:

看法:

from django.template import RequestContext
def add(request, name):
#logic
return render_to_response("category/add.html", {"form": form}, 
    context_instance = RequestContext(request))

模板:

<form action="/category/add/" method="post">
    {% csrf_token %}
    New Category: <input type="text" name="name" id="categoryname" />
    <input type="submit" value="Hinzufuegen" />
</form>

设置:

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
)
4

2 回答 2

2

您是否将 POST 数据传递给表单进行验证?你必须做这样的事情:

     from django.template import RequestContext
     def add(request, name):
       # Logic
       if request.type == "POST":
         form = YourFormClass(request.POST)
         if form.is_valid():
             # Success!
         else:
             # Invalid form
       else:
         return render_to_response("category/add.html", {"form": form}, 
         context_instance = RequestContext(request))
于 2011-07-05T11:13:47.697 回答
1

好像需要添加

'django.middleware.csrf.CsrfViewMiddleware',
'django.middleware.csrf.CsrfResponseMiddleware',

到您的 MIDDLEWARE_CLASSES。似乎它没有验证 CSRF 令牌,只是生成......在我的情况下帮助了我......

于 2011-07-06T04:12:56.350 回答