使用 csrf 和请求上下文的 csrf 失败
csrf failure using csrf and Request Context
我已经尝试了所有我能从论坛收集的信息,仍然需要帮助:
我在提交表单时不断收到 CSRF token missing or incorrect 错误。它曾经工作正常,然后我做了一些更改,现在我无法恢复。我正在使用 {% csrf_token %} 和 RequestContext。我尝试使用 reverse,我检查了 settings.py 中间件以获得 csrf middleware,尝试重新启动服务器,尝试使用 HttpResponse 而不是 HttpResponseRedirect 和 template.render(),尝试使用 url 路径而不是 {% url %} 标签。在我项目的其他部分,我什至没有使用 RequestContext 但它工作正常..
signup_page.html:
<p>Sign Up Below
</p>
<form action={% url 'signup_page' %} method="post">
{% csrf_token %}
....
Email
<input type="email" name="email" required="true"><br><br>
<input type="submit" value="POST">
</form>
views.py
def signup_page(request):
template = loader.get_template('user_app/signup_page.html')
if request.method == "POST":
...
email = request.POST['email']
kwargs = {
'username':username, 'password':password, 'first_name':first_name,
'last_name':last_name, 'email':email
}
new_user = User.objects.create(**kwargs)
new_user.save()
context = {
'text':"POST", 'first_name':first_name
}
return HttpResponseRedirect(render('signup_page', context, context_instance =RequestContext(request)))
else:
return HttpResponse(template.render(RequestContext(request)))
urls.py:
from django.conf.urls import url
from user_app.views import signup_page, profile
urlpatterns = [
url(r'^signup', signup_page, name="signup_page"),
url(r'^profile', profile, name="profile")
]
添加 csrf 装饰器。参考:https://docs.djangoproject.com/en/1.10/ref/csrf/#module-django.views.decorators.csrf
from django.views.decorators.csrf import csrf_protect
@csrf_protect
def signup_page(request):
...
from django.shortcuts import render
#create your views here
def your_function(request):
#do whatever you want here...
context = {'any_data': 'you_want_to_send'}
return render(request,'your.html',context)
我已经尝试了所有我能从论坛收集的信息,仍然需要帮助:
我在提交表单时不断收到 CSRF token missing or incorrect 错误。它曾经工作正常,然后我做了一些更改,现在我无法恢复。我正在使用 {% csrf_token %} 和 RequestContext。我尝试使用 reverse,我检查了 settings.py 中间件以获得 csrf middleware,尝试重新启动服务器,尝试使用 HttpResponse 而不是 HttpResponseRedirect 和 template.render(),尝试使用 url 路径而不是 {% url %} 标签。在我项目的其他部分,我什至没有使用 RequestContext 但它工作正常..
signup_page.html:
<p>Sign Up Below
</p>
<form action={% url 'signup_page' %} method="post">
{% csrf_token %}
....
Email
<input type="email" name="email" required="true"><br><br>
<input type="submit" value="POST">
</form>
views.py
def signup_page(request):
template = loader.get_template('user_app/signup_page.html')
if request.method == "POST":
...
email = request.POST['email']
kwargs = {
'username':username, 'password':password, 'first_name':first_name,
'last_name':last_name, 'email':email
}
new_user = User.objects.create(**kwargs)
new_user.save()
context = {
'text':"POST", 'first_name':first_name
}
return HttpResponseRedirect(render('signup_page', context, context_instance =RequestContext(request)))
else:
return HttpResponse(template.render(RequestContext(request)))
urls.py:
from django.conf.urls import url
from user_app.views import signup_page, profile
urlpatterns = [
url(r'^signup', signup_page, name="signup_page"),
url(r'^profile', profile, name="profile")
]
添加 csrf 装饰器。参考:https://docs.djangoproject.com/en/1.10/ref/csrf/#module-django.views.decorators.csrf
from django.views.decorators.csrf import csrf_protect
@csrf_protect
def signup_page(request):
...
from django.shortcuts import render
#create your views here
def your_function(request):
#do whatever you want here...
context = {'any_data': 'you_want_to_send'}
return render(request,'your.html',context)