Django CSRF验证失败。请求已中止.-未设置CSRF cookie

时间:2022-04-11 06:35:20

I know this question has been asked before. I have tried almost all the options given by people but I cannot seem to solve it. I am a complete newbie so please let me know where I am going wrong.

我知道之前已经问过这个问题。我已经尝试了几乎所有人给出的选项,但我似乎无法解决它。我是一个完整的新手所以请让我知道我哪里出错了。

I am trying to write a simple raw form. I have not implemented any authentication or session mechanism until now (but from what I have read that does not matter to this problem. Correct me if I am wrong).

我想写一个简单的原始形式。到目前为止,我还没有实现任何身份验证或会话机制(但是从我所读到的内容来看,这与此问题无关。如果我错了,请纠正我)。

When I try to submit my form, I get this error:

当我尝试提交表单时,出现此错误:

Forbidden (403)
CSRF verification failed. Request aborted.

Reason given for failure:
    CSRF cookie not set.

This is my code:

这是我的代码:

My Views.py has this method:

我的Views.py有这个方法:

def submit(request):
    global alphabet_array
    dishes = Dish.objects.all().order_by('name')
    if request.method == "POST":
        print request.POST['restaurant']
        print request.POST['rating']
        render_to_response('index.html', {}, context_instance=RequestContext(request))
    else:
        render_to_response('index.html', {}, context_instance=RequestContext(request))

Many have said that using RequestContext solves this issue but for me even that is not working.

许多人说使用RequestContext解决了这个问题,但对我来说,即使这样也行不通。

The template looks as below:

模板如下所示:

  <form role="form" action="/submit/" method="post">{% csrf_token %}
                <div class="form-group">
                  <label for="">Restaurant Name</label>
                  <input type="text" name="restaurant" class="form-control" id="">
                </div>
                <div class="form-group">
                  <label for="">Rating</label>
                  <select class="form-control" name="rating">
                    <option>--</option>
                    <option>1 (very bad)</option>
                    <option>2 (bad)</option>
                    <option>3 (average)</option>
                    <option>4 (good)</option>
                    <option>5 (excellent)</option>
                  </select>
                </div>
               <button type="submit" class="btn btn-primary btn-block"><i class="fa fa-check-circle"></i> Save</button>
    </form>

The middleware_classes in settings.py looks like:

settings.py中的middleware_classes看起来像:

MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware',
    'django.contrib.sessions.middleware.SessionMiddleware',
    'django.middleware.csrf.CsrfViewMiddleware',
    'django.contrib.auth.middleware.AuthenticationMiddleware',
    'django.contrib.messages.middleware.MessageMiddleware',
)

django.middleware.csrf.CsrfViewMiddleware is there and it is below 'django.contrib.sessions.middleware.SessionMiddleware'

django.middleware.csrf.CsrfViewMiddleware就在那里,它在'django.contrib.sessions.middleware.SessionMiddleware'下面

My url.py is has entries:

我的url.py有条目:

url(r'^admin/', include(admin.site.urls)),
    url(r'^index/$', 'testapp.views.index'),

    url(r'^starts_with/(?P<alphabet>.+)/dish/(?P<dish_id>\d+)/$', 'testapp.views.alphabet_dish'),
    url(r'^starts_with/(?P<alphabet>.+)/$', 'testapp.views.alphabet'),
    url(r'^submit/$', 'testapp.views.submit'),

I am really not sure what is the problem here. As I said, I have read similar posts here and tried everything mentioned in the responses. What have I missed? My browser is Chrome and it is accepting cookies.

我真的不确定这里有什么问题。正如我所说,我在这里阅读了类似的帖子并尝试了回复中提到的所有内容。我错过了什么?我的浏览器是Chrome,它接受cookie。

1 个解决方案

#1


6  

Your CSRF setup is fine. The problem is you are not returning the result. Remember that the view is a function. You need to return render_to_response(...) not just call it (which is also why by removing CSRF you got the didn't return an HttpResponse error)

您的CSRF设置很好。问题是你没有返回结果。请记住,视图是一个功能。你需要返回render_to_response(...)而不仅仅是调用它(这也是为什么通过删除CSRF你没有返回HttpResponse错误)

Other than that, you are doing a few general things that are django-ically wrong:

除此之外,你正在做一些同样错误的一般事情:

Hence:

def submit(request):
    # global alphabet_array
    dishes = Dish.objects.all().order_by('name')
    if request.method == "POST":
        print request.POST['restaurant']
        print request.POST['rating']

    return render(request, 'index.html', {})

#1


6  

Your CSRF setup is fine. The problem is you are not returning the result. Remember that the view is a function. You need to return render_to_response(...) not just call it (which is also why by removing CSRF you got the didn't return an HttpResponse error)

您的CSRF设置很好。问题是你没有返回结果。请记住,视图是一个功能。你需要返回render_to_response(...)而不仅仅是调用它(这也是为什么通过删除CSRF你没有返回HttpResponse错误)

Other than that, you are doing a few general things that are django-ically wrong:

除此之外,你正在做一些同样错误的一般事情:

Hence:

def submit(request):
    # global alphabet_array
    dishes = Dish.objects.all().order_by('name')
    if request.method == "POST":
        print request.POST['restaurant']
        print request.POST['rating']

    return render(request, 'index.html', {})