Django CSRF检查在JavaScript post请求(如表单提交)中失败
我用这里的答案()在浏览器的javascript中发布帖子。但是Django CSRF检查失败,因为模板中的表单中存在{%CSRF_token%}。怎么做?我应该添加以下代码吗Django CSRF检查在JavaScript post请求(如表单提交)中失败,javascript,jquery,django,forms,Javascript,Jquery,Django,Forms,我用这里的答案()在浏览器的javascript中发布帖子。但是Django CSRF检查失败,因为模板中的表单中存在{%CSRF_token%}。怎么做?我应该添加以下代码吗 var hiddenField = document.createElement("input"); hiddenField.setAttribute("type", "hidden"); hiddenField.setAttribute("name", 'csrfmiddlewaretoken'); hiddenFie
var hiddenField = document.createElement("input");
hiddenField.setAttribute("type", "hidden");
hiddenField.setAttribute("name", 'csrfmiddlewaretoken');
hiddenField.setAttribute("value", '{{ csrf_token }}');
form.appendChild(hiddenField);
欢迎任何提示、建议和评论。谢谢如果您使用ajax提交表单,您还必须提交csrf令牌值。 举个例子
$.ajax({
类型:“POST”,
url:url,
数据:{
'csrfmiddlewaretoken':$('input[name=“csrfmiddlewaretoken”]”)。val(),
},
成功:功能(响应){
}
});
或者您可以将ajax数据中的序列化表单作为
数据:$(“#表单”).serialize(),
如果您使用ajax提交表单,您还必须提交csrf令牌值。
举个例子
$.ajax({
类型:“POST”,
url:url,
数据:{
'csrfmiddlewaretoken':$('input[name=“csrfmiddlewaretoken”]”)。val(),
},
成功:功能(响应){
}
});
或者您可以将ajax数据中的序列化表单作为
data:$(“\35;表单”).serialize(),
我使用了中的getCookie()函数和中的post()函数
最终代码:
// https://github.com/sigurdga/django-jquery-file-upload/blob/master/fileupload/static/js/csrf.js
function getCookie(name) {
console.log('getCookie');
var cookieValue = null;
if (document.cookie && document.cookie != '') {
var cookies = document.cookie.split(';');
for (var i = 0; i < cookies.length; i++) {
var cookie = jQuery.trim(cookies[i]);
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) == (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
console.log('cookie:' + cookieValue);
return cookieValue;
}
// https://stackoverflow.com/questions/133925/javascript-post-request-like-a-form-submit
function post(path, params, method) {
method = method || "post"; // Set method to post by default if not specified.
var form = document.createElement("form");
form.setAttribute("method", method);
form.setAttribute("action", path);
for(var key in params) {
if(params.hasOwnProperty(key)) {
var hiddenField = document.createElement("input");
hiddenField.setAttribute("type", "hidden");
hiddenField.setAttribute("name", key);
hiddenField.setAttribute("value", params[key]);
form.appendChild(hiddenField);
}
}
var hiddenField1 = document.createElement("input");
hiddenField1.setAttribute("type", "hidden");
hiddenField1.setAttribute("name", 'csrfmiddlewaretoken');
hiddenField1.setAttribute("value", getCookie('csrftoken'));
form.appendChild(hiddenField1);
document.body.appendChild(form);
form.submit();
}
//https://github.com/sigurdga/django-jquery-file-upload/blob/master/fileupload/static/js/csrf.js
函数getCookie(名称){
log('getCookie');
var-cookieValue=null;
if(document.cookie&&document.cookie!=''){
var cookies=document.cookie.split(“;”);
对于(变量i=0;i
欢迎任何评论。我使用了来自的getCookie()函数和来自的post()函数
最终代码:
// https://github.com/sigurdga/django-jquery-file-upload/blob/master/fileupload/static/js/csrf.js
function getCookie(name) {
console.log('getCookie');
var cookieValue = null;
if (document.cookie && document.cookie != '') {
var cookies = document.cookie.split(';');
for (var i = 0; i < cookies.length; i++) {
var cookie = jQuery.trim(cookies[i]);
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) == (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
console.log('cookie:' + cookieValue);
return cookieValue;
}
// https://stackoverflow.com/questions/133925/javascript-post-request-like-a-form-submit
function post(path, params, method) {
method = method || "post"; // Set method to post by default if not specified.
var form = document.createElement("form");
form.setAttribute("method", method);
form.setAttribute("action", path);
for(var key in params) {
if(params.hasOwnProperty(key)) {
var hiddenField = document.createElement("input");
hiddenField.setAttribute("type", "hidden");
hiddenField.setAttribute("name", key);
hiddenField.setAttribute("value", params[key]);
form.appendChild(hiddenField);
}
}
var hiddenField1 = document.createElement("input");
hiddenField1.setAttribute("type", "hidden");
hiddenField1.setAttribute("name", 'csrfmiddlewaretoken');
hiddenField1.setAttribute("value", getCookie('csrftoken'));
form.appendChild(hiddenField1);
document.body.appendChild(form);
form.submit();
}
//https://github.com/sigurdga/django-jquery-file-upload/blob/master/fileupload/static/js/csrf.js
函数getCookie(名称){
log('getCookie');
var-cookieValue=null;
if(document.cookie&&document.cookie!=''){
var cookies=document.cookie.split(“;”);
对于(变量i=0;i
欢迎任何评论。是不是您正在用javascript创建一个完整表单并将其附加到模板的某个位置?是不是您正在用javascript创建一个完整表单并将其附加到模板的某个位置?您是我看到的第一个使用8空格的人indention@Endless它是有线的。我不知道为什么。我会找出原因的。@无尽的感谢。复制粘贴时我做错了什么。在我的新虚拟机上,我没有设置。vimrcYou是我看到的第一个使用8空格的人indention@Endless它是有线的。我不知道为什么。我会找出原因的。@无尽的感谢。复制粘贴时我做错了什么。在我的新虚拟机上,我没有设置