
How to apply csrf_token in Django

In a Django template, without using a form, I want to upload files to my web server. So for that I'm using a JavaScript library called dropzonejs.

I followed this tutorial exactly: bootstrap dropzonejs. I set up everything to run the demo.

You see, I decided not to use a form, so obviously the problem is that the csrf_token is missing when the upload happens.

My doubt is how to include the csrf_token in JavaScript.

This is the information they added on their home page for how to add a CSRF token:

sending - Called just before each file is sent. Gets the xhr object and the formData objects as second and third parameters, so you can modify them (for example to add a CSRF token) or add additional data.

Do you understand my question? Can you give me some idea of how to do that?

You could either have the view CSRF exempt:

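from django.utils.decorators import method_decorator
from django.views import View
from django.views.decorators.csrf import csrf_exempt

class YourView(View):

    # csrf_exempt turns off CSRF checking for every request to this view;
    # method_decorator adapts the function decorator to a method.
    @method_decorator(csrf_exempt)
    def dispatch(self, *args, **kwargs):
        return super(YourView, self).dispatch(*args, **kwargs)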

The JavaScript config would probably look something similar to this:

(function($){
    $(function(){
        function getCookie(name) {
            var cookieValue = null;
            if (document.cookie && document.cookie != '') {
                var cookies = document.cookie.split(';');
                for (var i = 0; i < cookies.length; i++) {
                    var cookie = jQuery.trim(cookies[i]);
                    // Does this cookie string begin with the name we want?
                    if (cookie.substring(0, name.length + 1) == (name + '=')) {
                        cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
                        break;
                    }
                }
            }
            return cookieValue;
        }
        var csrftoken = getCookie('csrftoken');

        function csrfSafeMethod(method) {
            return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
        }

        $.ajaxSetup({
            crossDomain: false,
            beforeSend: function(xhr, settings) {
                if (!csrfSafeMethod(settings.type)) {
                    xhr.setRequestHeader("X-CSRFToken", csrftoken);
                }
            }
        });
    });
})(jQuery);
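An added example (not part of the original question or answer) that wires the CSRF token into the Dropzone `sending` hook quoted in the question, so the upload view can keep CSRF protection enabled. It assumes Django's default `csrftoken` cookie name and `X-CSRFToken` header; `/upload/` and `#dropzone` are hypothetical names.

```javascript
// Added example, not from the original post. "/upload/" and "#dropzone" are
// hypothetical names; cookie strings passed in tests are constructed samples.

// Read one cookie value out of a document.cookie-style string.
// The name is compared exactly, so "xcsrftoken" never matches "csrftoken".
function readCookie(cookieString, name) {
  const pairs = (cookieString || "").split(";");
  for (const pair of pairs) {
    const trimmed = pair.trim();
    const eq = trimmed.indexOf("=");
    if (eq === -1) continue;
    if (trimmed.slice(0, eq) === name) {
      return decodeURIComponent(trimmed.slice(eq + 1));
    }
  }
  return null;
}

// Build Dropzone options whose "sending" handler adds Django's CSRF token.
// getCookies is a function so the token is read fresh for every file
// (Django can rotate the csrftoken cookie, for example on login).
function csrfDropzoneOptions(url, getCookies) {
  return {
    url: url,
    // Dropzone calls this with (file, xhr, formData) just before each upload.
    sending: function (file, xhr, formData) {
      const token = readCookie(getCookies(), "csrftoken");
      if (!token) {
        // Without the cookie Django answers 403; the page view must set it,
        // e.g. by rendering {% csrf_token %} or using ensure_csrf_cookie.
        console.warn("csrftoken cookie missing; upload will be rejected");
        return;
      }
      xhr.setRequestHeader("X-CSRFToken", token);    // header Django checks
      formData.append("csrfmiddlewaretoken", token); // form-field fallback
    },
  };
}

// Browser usage (with Dropzone loaded on the page):
//   new Dropzone("#dropzone",
//     csrfDropzoneOptions("/upload/", function () { return document.cookie; }));
```

If `CSRF_COOKIE_HTTPONLY` or `CSRF_USE_SESSIONS` is enabled, the cookie is not readable from JavaScript; read the token from the hidden input rendered by `{% csrf_token %}` instead.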
