-1
我有以下模板CSRF验证失败。更新形式
{% block content %}
<form enctype="multipart/form-data" action="" method="post">{% csrf_token %}
{% for field in form %}
{{ field.label_tag }} {{ field }}
{% endfor %}
<input type="submit" value="Submit">
</form>
{% endblock %}
这是建立使用此模型
class TProfiles(models.Model):
id = models.IntegerField(primary_key=True) # AutoField?
first_name = models.CharField(max_length=45, blank=True)
surname = models.CharField(max_length=45, blank=True)
email = models.CharField(max_length=45, blank=True)
class Meta:
managed = False
db_table = 'profiles'
class TProfilesForm(ModelForm):
class Meta:
model = TProfiles
fields = ['first_name', 'surname', 'email']
当中去传递给视图
def register(request):
form = TProfilesForm()
if request.method == 'POST':
form = TProfilesForm(request.POST)
if form.is_valid():
form.save()
return render_to_response("register.html", {
"form": form,
})
然而,我当请求中止在试图保存字段时不断收到错误。 CSRF错误似乎有许多种...
编辑 - 错误消息
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:
Your browser is accepting cookies.
The view function uses RequestContext for the template, instead of Context.
In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.
您可以发布回溯? – 2014-10-19 15:35:36
他们可能确实有许多口味,但是当你尝试这种方式时,你看到的错误信息会明确地解决你的问题(但没有发布)。你没有使用RequestContext。 – 2014-10-19 15:44:21
道歉,请参阅我的编辑。这是我可以看到的错误页面上的所有内容。 – Jon 2014-10-19 16:26:27