当试图在staging服务器上上传来自django-ckeditor的图像时,CSRF验证失败

时间:2021-07-13 03:13:27

Django-ckeditor has an option to insert and upload images directly from the editor. This works on local/development machines, but on remote servers Django throws a 403 error, CSRF verification failed. This happens in the admin backend, and I am having no other similar problems. Does anyone know what I am doing wrong? Any help would be greatly appreciated. Thanks

Django-ckeditor可以选择插入和上传来自编辑器的图像。这适用于本地/开发机器,但在远程服务器Django上抛出一个403错误,CSRF验证失败。这发生在管理后端,我没有其他类似的问题。有人知道我做错了什么吗?如有任何帮助,我们将不胜感激。谢谢

3 个解决方案

#1


1  

I had this issue because of url(r'^sys/cke/', include('ckeditor.urls')) was included to urlpatterns after less restrictive pattern (namely, url(r'^', include('cms.urls'))).

我有这个问题,因为url(r ^ sys / cke,包括(ckeditor.urls))是包括urlpattern后限制较少的模式(即url(r“^”,包括(cms.urls)))。

Thus, when reverse url resolver was used to build absolute url for ckeditor_upload it worked properly, but when url resolver was to find proper view for request, the request went not to the ckeditor's view with @csrf_exempt, but to view with first matched pattern. The confusion was because the 403 Forbidden error message has no trace of the view being executed.

因此,当使用反向url解析器为ckeditor_upload构建绝对url时,它工作得很好,但是当url解析器要找到请求的适当视图时,请求就不是使用@ csrf_豁免权的ckeditor的视图,而是使用第一个匹配的模式来查看。令人困惑的是,403禁止的错误消息没有显示正在执行的视图的踪迹。

#2


0  

Issue is still open.

问题仍然是开放的。

https://github.com/shaunsephton/django-ckeditor/issues/84

https://github.com/shaunsephton/django-ckeditor/issues/84

Better to exempt the csrf verification.

最好免除csrf验证。

#3


0  

I don't know if you already solved it, but I got the same problem. The issue was related to the django version. So you need to add this to your urls.py:

我不知道你们是否已经解决了,但我也遇到了同样的问题。这个问题与django版本有关。所以你需要把这个加入你的urls。py:

if django.VERSION >= (1, 8):
urlpatterns = [
    url(r'^', include('blog.urls', namespace="blog")),
    url(r'^admin/', include(admin.site.urls)),
    url(r'^ckeditor/', include('libs.ckeditor_uploader.urls')),
]
else:
from django.conf.urls import patterns

admin.autodiscover()
urlpatterns = patterns(
    '',
    url(r'^', include('blog.urls', namespace="blog")),
    url(r'^admin/', include(admin.site.urls)),
    url(r'^ckeditor/', include('libs.ckeditor_uploader.urls')),
)

#1


1  

I had this issue because of url(r'^sys/cke/', include('ckeditor.urls')) was included to urlpatterns after less restrictive pattern (namely, url(r'^', include('cms.urls'))).

我有这个问题,因为url(r ^ sys / cke,包括(ckeditor.urls))是包括urlpattern后限制较少的模式(即url(r“^”,包括(cms.urls)))。

Thus, when reverse url resolver was used to build absolute url for ckeditor_upload it worked properly, but when url resolver was to find proper view for request, the request went not to the ckeditor's view with @csrf_exempt, but to view with first matched pattern. The confusion was because the 403 Forbidden error message has no trace of the view being executed.

因此,当使用反向url解析器为ckeditor_upload构建绝对url时,它工作得很好,但是当url解析器要找到请求的适当视图时,请求就不是使用@ csrf_豁免权的ckeditor的视图,而是使用第一个匹配的模式来查看。令人困惑的是,403禁止的错误消息没有显示正在执行的视图的踪迹。

#2


0  

Issue is still open.

问题仍然是开放的。

https://github.com/shaunsephton/django-ckeditor/issues/84

https://github.com/shaunsephton/django-ckeditor/issues/84

Better to exempt the csrf verification.

最好免除csrf验证。

#3


0  

I don't know if you already solved it, but I got the same problem. The issue was related to the django version. So you need to add this to your urls.py:

我不知道你们是否已经解决了,但我也遇到了同样的问题。这个问题与django版本有关。所以你需要把这个加入你的urls。py:

if django.VERSION >= (1, 8):
urlpatterns = [
    url(r'^', include('blog.urls', namespace="blog")),
    url(r'^admin/', include(admin.site.urls)),
    url(r'^ckeditor/', include('libs.ckeditor_uploader.urls')),
]
else:
from django.conf.urls import patterns

admin.autodiscover()
urlpatterns = patterns(
    '',
    url(r'^', include('blog.urls', namespace="blog")),
    url(r'^admin/', include(admin.site.urls)),
    url(r'^ckeditor/', include('libs.ckeditor_uploader.urls')),
)