2
我的Django网站位于HTTPS中。当我尝试从脚本将数据发布到网站时,出现此错误:“引用者检查失败 - 无引用者”。这似乎是一个CSRF问题,但我不知道如何解决它。Django CSRF验证在POST请求上失败:引用者检查失败 - no Referer
例子:
import requests
r = requests.post('https://mywebsite/mypage', data = {'key':'value'})
print r.text
给了我这样的输出:
[...]
<p>Reason given for failure:</p>
<pre>
Referer checking failed - no Referer.
</pre>
<p>In general, this can occur when there is a genuine Cross Site Request Forgery, or when
<a
href="https://docs.djangoproject.com/en/1.8/ref/csrf/">Django's
CSRF mechanism</a> has not been used correctly. For POST forms, you need to
ensure:</p>
<ul>
<li>Your browser is accepting cookies.</li>
<li>The view function passes a <code>request</code> to the template's <a
href="https://docs.djangoproject.com/en/dev/topics/templates/#django.template.backends.base.Template.render"><code>render</code></a>
method.</li>
<li>In the template, there is a <code>{% csrf_token
%}</code> template tag inside each POST form that
targets an internal URL.</li>
<li>If you are not using <code>CsrfViewMiddleware</code>, then you must use
<code>csrf_protect</code> on any views that use the <code>csrf_token</code>
template tag, as well as those that accept the POST data.</li>
</ul>
[...]
我需要发送POST数据之前,通过一个引荐到我的头 - 这是很不方便?还是应该禁用此页面的CSRF?
感谢
我也遇到了这个问题。任何答案Julien Salinas? – neelima
@neelima你需要在你的视图中禁用CSRF检查。使用@ csrf_exempt装饰器:https://docs.djangoproject.com/en/1.11/ref/csrf/#django.views.decorators.csrf.csrf_exempt –