Django CSRF 403

获取CSRF 403.下面的console.log语句确认我正在获取令牌。我正在将请求提交到本地服务器上的同一个域。Django CSRF 403

internal.csrfToken = $.cookie('csrftoken'); 

    internal.csrfSafeMethod = function(method) { 
    // these HTTP methods do not require CSRF protection 
    return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method)); 
    }; 

    $.ajaxSetup({ 
    crossDomain: false, // obviates need for sameOrigin test 
    beforeSend: function(xhr, settings) { 
     console.log("ajaxSetup"); 
     console.log(internal.csrfToken); 
     if (!internal.csrfSafeMethod(settings.type)) { 
     console.log("Settings type"); 
     xhr.setRequestHeader("X-CSRFToken", internal.csrftoken); 
     } 
    } 
    }); 

    external.submitPayment = function (app_id, charge_now_amount, stripe_plan_id) { 
    // Submit a payment to the server and handle any errors. 

    $.ajax({ 
     url: URLS.postPayment, 
     type: 'POST', 
     data: { 
     'app_id': STRIPE_CONFIG.app.id, 
     'amount': charge_now_amount, 
     'stripe_plan_id': stripe_plan_id 
     }, 
     dataType: 'json', 
     success: function(response) { 
     alert("Success!"); 
     }, 
     error: function(jqXHR, textStatus, errorThrown) { 
     alert("Error!"); 
     } 
    }); 

    };

来源

2014-07-09 Brian Dant

不知道这是否对您有帮助。我有类似的问题。并通过制作一个beforeSend功能来修复它，这是添加X-CSRFToken

$.ajax({ 
    url: url, 
    data: JSON.stringify({'name': value }), 
    type: 'POST', 
    dataType: 'json', 
    beforeSend: function (jqXHR, settings) { 
    jqXHR.setRequestHeader('X-CSRFToken', $('input[name=csrfmiddlewaretoken]').val()); 
    }, 
    success: function(response) { 
    alert("Success!"); 
    } 
})

来源

2014-07-10 08:29:12 Eagllus

回答

相关问题