我试图为我的系统开发搜索功能。 从Firefox检查网络 - 预览 - 我得到:
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:
Your browser is accepting cookies.
The view function uses RequestContext for the template, instead of Context.
In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.
这很奇怪,因为我已经包含了标签。
Bellow我提供的代码可能是检测错误所必需的。
reviewallcases2.html:
...
<section>
<h3>Search by patient id</h3>
{% csrf_token %}
<input type="text" id="search" name="search"/>
<ul id="search-results">
</ul>
</section>
...
views.py:
...
def search_id(request):
if request.method == "POST":
search_text = request.POST['search_text']
else:
search_text = ''
patients = Patient.objects.filter(patient_id__contains=search_text)
return render_to_response('ajax_search.html', {'patients' : patients})