今天调试表单post提交时,出现:
Forbidden (403)
CSRF verification failed. Request aborted.
调试模式提示:
In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django’s CSRF mechanism has not been used correctly. For POST forms, you need to ensure:
- Your browser is accepting cookies.
- The view function uses RequestContext for the template, instead of Context.
- In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
- If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
解决办法上面提示已经给出了,因为测试时候浏览器都开启支持cookie,首先视图中用RequestContext代替默认的Context:
?[Copy to clipboard]
View Code PYTHON
def some_view(request):
# ...
return render_to_response('my_template.html',
my_data_dictionary,
context_instance=RequestContext(request))
接着需要将{% csrf_token %}
放置到模板的表单, 同时如果没有使用 CsrfViewMiddleware 中间件,需要在视图函数前加一个装饰器@csrf_protect