使用django提交form表单时,提交方式为post,总是提交不成功,报错如下:
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:
-
Your browser is accepting cookies.
-
The view function uses RequestContext for the template, instead of
Context
. -
In the template, there is a
{% csrf_token %}
template tag inside each POST form that targets an internal URL. -
If you are not using
CsrfViewMiddleware
, then you must usecsrf_protect
on any views that use thecsrf_token
template tag, as well as those that accept the POST data.
You're seeing the help section of this page because you have DEBUG = True
in your Django settings file. Change that to False
, and only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.
虽然按照上面所说的方法:
第一种:在表单里加上{% csrf_token %}就行了。
第二种方法是在Settings里的MIDDLEWARE_CLASSES增加配置:
'django.middleware.csrf.CsrfViewMiddleware',
'django.middleware.csrf.CsrfResponseMiddleware',
都加上了,但是并没有什么用,网上查资料才找到答案,从view到页面时候,我是酱紫的:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
|
from
django.shortcuts
import
*
from
contact.forms
import
ContactForm
def
contact(request):
if
request.method
=
=
'POST'
:
form
=
ContactForm(request.POST)
if
form.is_valid():
cd
=
form.cleaned_data
send_mail(
cd[
'subject'
],
cd[
'message'
],
cd.get(
'email'
,
'noreply@example.com'
),
[
'siteowner@example.com'
],
)
return
HttpResponseRedirect(
'/contact/thanks/'
)
else
:
form
=
ContactForm()
return
render_to_response(
'contact_form.html'
, {
'form'
: form})
|
首先request没有post方法,进入else,显示的为contact_form.html页面,此时报错,网上有一种说法,必须要使用RequestContext对象,
1
|
return
render_to_response(
'contact_form.html'
, {
'form'
: form},context_instance
=
RequestContext(request))
|
将else中的语句加入RequestContext后,成功!
本文转自布拉君君 51CTO博客,原文链接:http://blog.51cto.com/5148737/1678395,如需转载请自行联系原作者