1. 首页
  2. 问答
  3. CSRF验证失败。请求中止,Django的POST请求

CSRF验证失败。请求中止,Django的POST请求

2015-10-13 161 views
1

而在Django 1.8CSRF验证失败。请求中止,Django的POST请求

Forbidden (403) 
CSRF verification failed. Request aborted.

我的网址更新数据库中的记录,我得到一个错误:

url(r'^blog/update/(?P<id>[0-9]+)/$','news.views.update')

def edit(request,id): 
    blogs = Blog.objects.get(pk=id) 

    return render_to_response('news/edit.html',{'blogs':blogs}) 

def update(request,id): 
    if request.method=='POST': 
     blog = Blog.objects.get(pk=id) 
     blog.title = request.POST.get('title') 
     blog.content = request.POST.get('content') 
     blog.save() 
     return HttpResponse('updated successfully!!') 
    else: 
     return HttpResponse('error')

新闻/ edit.html

<form action="/blog/update/{{blogs.id}}/" method="POST">{%csrf_token%} 
    <label>Title:</label> 
    <input type="text" name="title" value="{{blogs.title}}"><br> 
    <label>Content:</label> 
    <textarea cols="45" rows="4" name="content">{{blogs.content}}</textarea><br> 
    <input type="submit" value="submit"> 

</form>

来源

2015-10-13 Ranjit Karki

+0

做ü有 'django.middleware.csrf.CsrfViewMiddleware' 在你的中间件? – levi

回答

1

您需要添加csrf middl eware您settings.py文件:

MIDDLEWARE_CLASSES = (
... 
'django.middleware.csrf.CsrfViewMiddleware', 
)

也改变

return render_to_response('news/edit.html',{'blogs':blogs})

return render(request, 'news/edit.html', {'blogs': blogs})

OR

return render_to_response('news/edit.html', {'blogs': blogs}, context_instance=RequestContext(request))

这是因为您需要为每个请求添加一个上下文。

Similar answer here

来源

2015-10-13 04:51:41 Hybrid

+0

也许上下文没有被正确包含......尝试改变'return render_to_response('news/edit.html',{'blogs':blogs})''返回render(request,'news/edit.html', {'blogs':blogs})' – Hybrid

相关问题

 相关问题