Chinaunix首页 | 论坛 | 博客
  • 博客访问: 1643787
  • 博文数量: 245
  • 博客积分: 10378
  • 博客等级: 上将
  • 技术积分: 2571
  • 用 户 组: 普通用户
  • 注册时间: 2009-03-27 08:19
文章分类

全部博文(245)

文章存档

2013年(4)

2012年(8)

2011年(13)

2010年(68)

2009年(152)

分类: Python/Ruby

2012-06-15 15:22:53

在django中利用comments功能,发生错误,错误信息如下:

Forbidden (403)

CSRF verification failed. Request aborted.

Help

Reason given for failure:

CSRF token missing or incorrect.

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:

  • Your browser is accepting cookies.
  • The view function uses RequestContext for the template, instead of Context.
  • In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
  • If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.

You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.

You can customize this page using the CSRF_FAILURE_VIEW setting.


解决方法:
1.其实也没有什么解决方法,其实在错误信息里边已经说了,“The view function uses RequestContext for the template, instead of Context”
通常情况下,我们在view里边通常是这么做:

点击(此处)折叠或打开

  1. def archive(request,text_id):
  2.     all_posts = TextBody.objects.all()
  3.     posts = all_posts.filter(id=text_id)
  4.     t= loader.get_template('content.html')
  5.     c = Context({'posts':posts})     
  6.     return HttpResponse( t.render(c) )
务必将 Context修改为RequestContext,修改后为 c = RequestContext(request,{'posts':posts})
务必在文件头引入: from django.template import loader,Context,RequestContext

2.在Html模板中加入csrf标签: 

点击(此处)折叠或打开

  1. <table>
  2.   <form action="{% comment_form_target %}" method="post">
  3.     {% csrf_token %}    
  4.     {{ form }}
  5.     <tr>
  6.       <td colspan="2">
  7.         <input type="submit" name="submit" value="Post">
  8.         <input type="submit" name="preview" value="Preview">
  9.       </td>
  10.     </tr>
  11.   </form>
  12. </table>

阅读(4376) | 评论(0) | 转发(0) |
给主人留下些什么吧!~~