Question

我在Google App Engine上运行了Flask应用程序。我正在尝试提交使用WTForm构建的表单，并且我不断收到以下错误。

403 Forbidden：您无权访问所请求的资源。它受读保护或服务器无法读取。

Location.html（部分代码）

    <form method=post action="/home/location">
    ....
     <button type="submit" class="btn btn-primary" value="Submit">
                        Directions
                    </button>
    </form>

main.py

@app.route('/home/location', methods=['POST', 'GET'])
def location():
    form = cfcdirections.Direction(request.form)
    print(request.method)
    if request.method == 'POST' and form.validate():
        print("After if")
        directions = cfcdirections()
        street_no = directions.No
        street = directions.Street
        suburb = directions.Suburb
        postcode = directions.Postcode
        state = directions.State
    return render_template('Location.html',form=form)

Answer 1

不要忘记在表单中加入CSRF token：

<form method=post action="/home/location">
    {{ form.csrf_token }}
    ....
    <button type="submit" class="btn btn-primary" value="Submit">
                    Directions
                </button>
</form>

403 Forbidden POST - Flask WTForms

1 个答案: