Djang——CSRF verification failed. Request aborted

Forbidden (403)

CSRF verification failed. Request aborted.

Help

Reason given for failure:

    CSRF token missing or incorrect.    

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:

  • Your browser is accepting cookies.
  • The view function uses RequestContext for the template, instead of Context.
  • In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
  • If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.

You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.

You can customize this page using the CSRF_FAILURE_VIEW setting.

 

     我的Django版本是1.65,安装官方文档https://docs.djangoproject.com/en/1.6/ref/contrib/csrf/来操作并没有解决,然后在网上查阅,找到了两种方案,一种是禁掉Django提供的CSRF,像这里http://blog.csdn.net/middlekingt/article/details/8593031,另一种如下:

    在你的表单中添加:

                         <form action="" method="post">{% csrf_token %}

    在你的views视图中添加:

                          from django.template import RequestContext

                          return render_to_response('welcome.html',{'user':username},context_instance=RequestContext(request))

posted @ 2014-07-27 21:05  Bird-Man  阅读(257)  评论(0编辑  收藏  举报