django CSRF验证

时间:2011-07-05 10:47:22

标签: django csrf django-csrf

我无法解决CSRF令牌验证403错误。 这就是我所拥有的:

视图:

from django.template import RequestContext
def add(request, name):
#logic
return render_to_response("category/add.html", {"form": form}, 
    context_instance = RequestContext(request))    

模板:

<form action="/category/add/" method="post">
    {% csrf_token %}
    New Category: <input type="text" name="name" id="categoryname" />
    <input type="submit" value="Hinzufuegen" />
</form>

设置:

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
)

2 个答案:

答案 0 :(得分:2)

您是否将POST数据传递给表单进行验证?你必须做这样的事情:

     from django.template import RequestContext
     def add(request, name):
       # Logic
       if request.type == "POST":
         form = YourFormClass(request.POST)
         if form.is_valid():
             # Success!
         else:
             # Invalid form
       else:
         return render_to_response("category/add.html", {"form": form}, 
         context_instance = RequestContext(request))

答案 1 :(得分:1)

好像你需要添加

'django.middleware.csrf.CsrfViewMiddleware',
'django.middleware.csrf.CsrfResponseMiddleware',

到您的MIDDLEWARE_CLASSES。似乎它没有验证CSRF令牌,只是生成...... 帮我my case ...