Django:CSRF 令牌丢失或不正确
错误位于位置 http://127.0.0.1:8000/fileupload/form.py
我有 django 1.3 版本。我尝试按照其他人的问题中所述指定 localhost:8000 但这对我不起作用。我正在尝试创建文件上传表单,但收到错误消息,指出 form.py 没有 CSRF 令牌。
form.py:views.py:upload.html
class UploadFileForm(forms.Form):
title = forms.CharField(max_length=50)
file = forms.FileField()
。
def upload_file(request):
c = {}
c.update(csrf(request))
if (not request.user.is_authenticated()) or (request.user == None):
return HttpResponseRedirect("/?error=11")
if request.method == 'POST':
form = c['UploadFileForm'] = UploadFileForm(request.POST, request.FILES, c, context_instance=RequestContext(request))
if c['UploadFileForm'].is_valid():
handle_uploaded_file(request.FILES['file'])
return HttpResponseRedirect('/success/url/')
else:
form = c['UploadFileForm'] = UploadFileForm()
return render_to_response('fileupload/upload.html', {'form': c['UploadFileForm']})
:
{% block main_content %}
<form action="fileupload/form.py" enctype="multipart/form-data" method="POST">
{% csrf_token %}
<table>
<tr><td>Title:</td><td><input type="text" name="title" /></td></tr>
<tr><td>File:</td><td><input type="file" name="file" /></td></tr>
</table>
<input type="submit" value="Submit" class = "float_right button_input" />
</form>
{% endblock main_content %}
我很困惑,请告诉我一些要尝试的事情 谢谢
The error is at location http://127.0.0.1:8000/fileupload/form.py
I have version 1.3 of django. I have tried specifying localhost:8000 as stated in someone else's question but this did not work for me. I am trying to have a file upload form but I am receiving an error that form.py does not have the CSRF token.
form.py:
class UploadFileForm(forms.Form):
title = forms.CharField(max_length=50)
file = forms.FileField()
views.py:
def upload_file(request):
c = {}
c.update(csrf(request))
if (not request.user.is_authenticated()) or (request.user == None):
return HttpResponseRedirect("/?error=11")
if request.method == 'POST':
form = c['UploadFileForm'] = UploadFileForm(request.POST, request.FILES, c, context_instance=RequestContext(request))
if c['UploadFileForm'].is_valid():
handle_uploaded_file(request.FILES['file'])
return HttpResponseRedirect('/success/url/')
else:
form = c['UploadFileForm'] = UploadFileForm()
return render_to_response('fileupload/upload.html', {'form': c['UploadFileForm']})
upload.html:
{% block main_content %}
<form action="fileupload/form.py" enctype="multipart/form-data" method="POST">
{% csrf_token %}
<table>
<tr><td>Title:</td><td><input type="text" name="title" /></td></tr>
<tr><td>File:</td><td><input type="file" name="file" /></td></tr>
</table>
<input type="submit" value="Submit" class = "float_right button_input" />
</form>
{% endblock main_content %}
I am very stumped please tell me some things to try. Thank You
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(4)
您需要在 render_to_response 中为
csrf_token
传递RequestContext
为此:(views.py)
这会将 csrf 的令牌传递给模板。
You need to pass
RequestContext
in render_to_response forcsrf_token
For this : (views.py)
This passes the token for csrf to the template.
如果您使用
@cache_page(60 * 15)
装饰器,也可能会发生这种情况。如果您缓存包含 CSRF 令牌的表单的页面,则将仅缓存第一个用户的 CSRF 令牌。所以有时候调试起来有点困难。更多信息来自 Django 文档
It can also happen if you use
@cache_page(60 * 15)
decorators. If you cache a page with a form containing a CSRF token, you'll cache the CSRF token of the first user only. So it's kinda hard to debug sometimes.More info from Django documentation
我的答案与上面 @Yugal Jindle 的答案类似。
我正在使用 Django 1.10,我遇到了类似的问题,在编辑 P.S. 后它对我
有用
。确保 settings.py 中的 MIDDLEWARE 变量中有以下行
My answer is similar to the @Yugal Jindle's answer above.
I am using Django 1.10 and I had a similar issue, it worked for me after editing
to
P.S. Make sure you have the below line in your MIDDLEWARE variable in the settings.py
对于我的情况,我使用 AJAX 将数据发布到我的视图函数,然后发生相同的错误,因此解决它的简单方法是将数据从
To
更改为因为我们手动添加 csrf-token,所以它不会丢失或不正确。
For my case, I use AJAX to post data to my views function, then the same error happens, so the easy method to solve it is to change the data from
To
because we manually add a csrf-token, so it is not missing or incorrect.