美文网首页
django访问页面报错: Forbidden (403) CS

django访问页面报错: Forbidden (403) CS

作者: 强子8910 | 来源:发表于2018-03-14 23:06 被阅读0次

    django访问页面报错:

    Forbidden(403)

    CSRF verification failed. Request aborted.

    Help

    Reason given for failure:

        CSRF token missing or incorrect

    In general, this can occur when there is a genuine Cross Site Request Forgery, or whenDjango's CSRF mechanismhas not been used correctly. For POST forms, you need to ensure:

    Your browser is accepting cookies.

    The view function passes arequestto the template'srendermethod.

    In the template, there is a{% csrf_token %}template tag inside each POST form that targets an internal URL.

    If you are not usingCsrfViewMiddleware, then you must usecsrf_protecton any views that use thecsrf_tokentemplate tag, as well as those that accept the POST data.

    The form has a valid CSRF token. After logging in in another browser tab or hitting the back button after a login, you may need to reload the page with the form, because the token is rotated after a login.

    You're seeing the help section of this page because you haveDEBUG = Truein your Django settings file. Change that toFalse, and only the initial error message will be displayed.

    You can customize this page using the CSRF_FAILURE_VIEW setting.

    根据报错提示,依次检查:

    1)django项目settings.py

    MIDDLEWARE_CLASSES = (

    'django.middleware.common.CommonMiddleware',

    'django.contrib.sessions.middleware.SessionMiddleware',

    'django.middleware.csrf.CsrfViewMiddleware',#确认存在

    'django.contrib.auth.middleware.AuthenticationMiddleware',

    'django.contrib.messages.middleware.MessageMiddleware',

    # Uncomment the next line for simple clickjacking protection:

    # 'django.middleware.clickjacking.XFrameOptionsMiddleware',

    )

    2〉html中的form添加模板标签{% csrf_token %}

    [html]view plaincopy

    {% csrf_token %}  

    3〉django项目views.py

    from django.shortcuts import render_to_response  

    from django.template import RequestContext  

    def some_view(request):  

    # ...  

        return render(request,'login.html',{'uf':uf}) #不要使用 render_to_response,使用render

    相关文章

      网友评论

          本文标题:django访问页面报错: Forbidden (403) CS

          本文链接:https://www.haomeiwen.com/subject/kttcqftx.html