Django CSRF验证失败。更新表单时请求中止
我有以下模板Django CSRF验证失败。更新表单时请求中止,django,django-models,django-forms,django-templates,django-views,Django,Django Models,Django Forms,Django Templates,Django Views,我有以下模板 {% block content %} <form enctype="multipart/form-data" action="" method="post">{% csrf_token %} {% for field in form %} {{ field.label_tag }} {{ field }} {% endfor %} <input type="submit" value="Submit">
{% block content %}
<form enctype="multipart/form-data" action="" method="post">{% csrf_token %}
{% for field in form %}
{{ field.label_tag }} {{ field }}
{% endfor %}
<input type="submit" value="Submit">
</form>
{% endblock %}
它们被传递到视图
def register(request):
form = TProfilesForm()
if request.method == 'POST':
form = TProfilesForm(request.POST)
if form.is_valid():
form.save()
return render_to_response("register.html", {
"form": form,
})
但是,我在尝试保存字段时不断出错。CSRF错误似乎有很多方面
编辑-错误消息
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:
Your browser is accepting cookies.
The view function uses RequestContext for the template, instead of Context.
In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.
答案似乎是在return语句中添加
RequestContext(request)
。所以我的代码看起来像:
def register(request):
form = TProfilesForm()
if request.method == 'POST':
form = TProfilesForm(request.POST)
if form.is_valid():
form.save()
return render_to_response("register.html", {
"form": form,
}, RequestContext(request))
找到了答案或者简单地使用render而不是render\u to\u响应:
return render(request,"register.html", {"form": form,})
进口:
from django.shortcuts import render
你能回溯吗?它们可能确实有很多种味道,但是你在尝试回溯时看到(但没有发布)的错误消息明确地说明了你的味道;您没有使用RequestContext。抱歉,请查看我的编辑。这是错误页面上我能看到的所有内容。
from django.shortcuts import render