Django错误解决: CSRF verification failed. Request abor

该解决办法是根据个技术博文上修改后的,因以为原方法无法解决这个错误,以下内容是根据我实际操作过程修正的。

Forbidden (403)

CSRF verification failed. Request aborted.

Help

Reason given for failure:

CSRF token missing or incorrect.

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:

  • Your browser is accepting cookies.

  • The view function uses 

    RequestContext 

    for the template, instead of 

    Context.

  • In the template, there is a 

    {% csrf_token %} 

    template tag inside each POST form that targets an internal URL.

  • If you are not using 

    CsrfViewMiddleware, then you must use 

    csrf_protect 

    on any views that use the 

    csrf_token 

    template tag, as well as those that accept the POST data.

You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.

You can customize this page using the CSRF_FAILURE_VIEW setting.


解决办法

在django1.5里,就必须按照提示的步骤来:

1,在view里面,强制使用RequestContext 代替Context。示例如下:

from django.template import RequestContext   

视图返回要这样:

 c = RequestContext(request,{

  'todos': todos,

  'choices': importance_choices, }) 

 return HttpResponse(t.render(c)) )

2,在View里,添加@csrf_protect示例如下:

from django.views.decorators.csrf import csrf_protect 

@csrf_protect

def add_todo(request):

 t = Todo(

  title = request.POST['title'],

  description = request.POST['description'],

  importance = request.POST['importance'], ) 

 t.save()

 return HttpResponseRedirect(reverse(todo_index))

2,在模板的form体里面,加入 {% csrf_token %},示例如下:

         {% csrf_token %}  

      ……

   


4、检查一下中间件里'django.middleware.csrf.CsrfViewMiddleware',是否正常开放。默认是直接开着的。


你可能感兴趣的:(Django错误解决: CSRF verification failed. Request abor)