表单提交及CSRF防护

单的request表单提交会出现CSRF verification failed.

 

解决方法:

>>> 确保setting.py里面的MIDDLE CLASSES开启了下面项

MIDDLEWARE_CLASSES = (
    ...
  'django.middleware.csrf.CsrfViewMiddleware',
    ...

>>> 在Template里面表单后面加入{% csrf_token %}

<form action="" method="POST">{% csrf_token %}
  ...
</form>

>>> views里面要将Context修改为RequestContext

from django.template import RequestContext
    ...
    def someFun(request):
    ...
    t = get_template('some_template.html')
    html = t.render(RequestContext(request,{"sth":toSth}))
    #修改前为 html = t.render(Context({"sth":toSth})) 注意两处变化
    ...
    return HttpResponse(html)

 

posted on 2013-04-06 22:55  0x9801  阅读(605)  评论(0)    收藏  举报

导航