Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request Forgery, or whenDjango’s CSRF mechanism has not been used correctly. For POST forms, you need to ensure:
- The view function uses
RequestContext
for the template, instead ofContext
. - In the template, there is a
{% csrf_token %}
template tag inside each POST form that targets an internal URL. - If you are not using
CsrfViewMiddleware
, then you must usecsrf_protect
on any views that use thecsrf_token
template tag, as well as those that accept the POST data.
解决办法:在视图中:
from django.template import RequestContext
return render_to_response("books/contact.html",{"form":form},context_instance=RequestContext(request))