Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/django/21.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Python 即使在传递CSRF_令牌之后,在Django Ajax中也会出现403禁止的错误_Python_Django_Ajax - Fatal编程技术网
Fatal编程技术网
  • python/
  • Python 即使在传递CSRF_令牌之后,在Django Ajax中也会出现403禁止的错误

Python 即使在传递CSRF_令牌之后,在Django Ajax中也会出现403禁止的错误

python django ajax

Python 即使在传递CSRF_令牌之后,在Django Ajax中也会出现403禁止的错误,python,django,ajax,Python,Django,Ajax,我使用模态弹出框在Django中创建模态实例。以下是模态体内部的形式: <form action="{% url 'projects:techs_create' %}" method="post" id="tech-form" > {% csrf_token %} <input type="text" name="name" id="tech-nam

我使用模态弹出框在Django中创建模态实例。以下是模态体内部的形式:

<form
  action="{% url 'projects:techs_create' %}"
  method="post"
  id="tech-form"
>
  {% csrf_token %}
  <input type="text" name="name" id="tech-name" />
  <input type="submit" value="Save" class="button button-main" />
</form>
我得到这个错误:

POST http://localhost:8000/techs/new/ 403 (Forbidden)
我在SO中看到了一些类似的问题,大多数答案都是关于缺少的
csrf
标记。现在我添加了它作为请求的数据。我仍然得到错误。我做错了什么

这是我用来处理请求的视图:

@login_required
def techs_create_view(request):
    if not request.user.is_superuser:
        raise PermissionDenied

if request.method == 'POST':
    form = ProjectTechnologieForm(request.POST)
    if form.is_valid():
        name = form.cleaned_data.get('name')
        form.save()
        messages.success(request, f'{name} created successfully.')
        return HttpResponseRedirect('projects:statistics')

    form = ProjectTechnologieForm()

    context = {
       'tech_form': form
    }

    if request.is_ajax():
        html = render_to_string('projects/statistics.html',
                            context, request=request)
        return JsonResponse({'form': html})
谢谢

想知道为什么定义了表单操作,然后又定义了提交事件吗?在Ajax中传递您的CSRF令牌,如
'csrfmiddlewaretoken':{{{CSRF\u token}}'
@login_required
def techs_create_view(request):
    if not request.user.is_superuser:
        raise PermissionDenied

if request.method == 'POST':
    form = ProjectTechnologieForm(request.POST)
    if form.is_valid():
        name = form.cleaned_data.get('name')
        form.save()
        messages.success(request, f'{name} created successfully.')
        return HttpResponseRedirect('projects:statistics')

    form = ProjectTechnologieForm()

    context = {
       'tech_form': form
    }

    if request.is_ajax():
        html = render_to_string('projects/statistics.html',
                            context, request=request)
        return JsonResponse({'form': html})