Django中的CSRF令牌出现问题
[英]Trouble with CSRF token in Django
问题描述
Im trying to make registration page for users, but taking errors from Django (v 1.7.1): 
我试图为用户创建注册页面,但从Django(v 1.7.1)中出错:
Reason given for failure: CSRF cookie not set.
Im sure, that cookie allowed on my PC (chrome browser). 我确定,该Cookie可以在我的PC(Chrome浏览器)上使用。 Adding {% csrf_token %} doesn't solve my issue. 添加{%csrf_token%}不能解决我的问题。 Maybe somebody advise me, how to fix this trouble? 也许有人建议我,如何解决这个问题?
part from my register.html: 部分来自我的register.html:
<div class="container">
<form action="." class="form-signin" method="post">
{% csrf_token %}
<h4 class="form-signin-heading">Register new user</h4>
{{ form.login }}
{{ form.login.errors }}
{{ form.password }}
{{ form.password.errors }}
{{ form.address }}
{{ form.address.errors }}
{{ form.phone }}
{{ form.phone.errors }}
{{ form.postcode }}
{{ form.postcode.errors }}
{{ form.email }}
{{ form.email.errors }}
<button class="btn btn-small btn-primary" type="submit">Register me</button>
</form>
</div>
RegisterForm.py RegisterForm.py
# -*- coding: utf-8 -*-
from django import forms
from mainws.models.User import User
class RegisterForm(forms.Form):
login = forms.CharField(min_length=3, max_length=50, required=True,
error_messages={'required': 'Enter login'},
widget=forms.TextInput(attrs={'placeholder': 'login',
'class': "input-block-level"}))
password = forms.CharField(min_length=6, max_length=50, required=True,
error_messages={'required': u'Enter password'},
widget=forms.TextInput(attrs={'placeholder': 'password',
'class': "input-block-level",
'type': 'password'}))
address = forms.CharField(min_length=5, max_length=255, required=True,
error_messages={'required': u'Enter address'},
widget=forms.TextInput(attrs={'placeholder': 'address',
'class': "input-block-level"}))
phone = forms.CharField(min_length=7, max_length=25, required=True,
error_messages={'required': u'Enter phone'},
widget=forms.TextInput(attrs={'placeholder': 'phone',
'class': "input-block-level"}))
postcode = forms.CharField(min_length=2, max_length=25, required=True,
error_messages={'required': u'Enter postcode'},
widget=forms.TextInput(attrs={'placeholder': 'postcode',
'class': "input-block-level"}))
email = forms.EmailField(min_length=5, required=True,
error_messages={'required': u'Enter email'},
widget=forms.TextInput(attrs={'placeholder': 'email',
'class': "input-block-level"}))
def clean(self):
super(RegisterForm, self).clean()
typed_login = self.cleaned_data['login']
if User.objects.filter(login=typed_login).exists():
raise forms.ValidationError('This user already registered!')
return self.cleaned_data
RegisterController.py RegisterController.py
from django.http import HttpResponse, HttpResponseRedirect
from django.views.generic.base import View
from django.shortcuts import render_to_response
from mainws.forms.RegisterForm import RegisterForm
class RegisterController(View):
def get(self, request, *args, **kwargs):
form = RegisterForm()
return render_to_response('user/register.html', locals())
def post(self, request, *args, **kwargs):
form = RegisterForm(request.POST)
if form.is_valid():
#return HttpResponseRedirect('/login')
return HttpResponse('OK!', locals())
else:
return HttpResponse('all not valid!', locals())
1 个解决方案
解决方案1
2 已采纳 2014-12-01 10:34:07
Your mistake that you don't use RequestContext in render_to_response . 您没有在render_to_response使用RequestContext的错误。 That's is why csrf_token is empty. 这就是csrf_token为空的原因。
To take advantage of CSRF protection in your views, follow these steps: 要在您的视图中利用CSRF保护,请执行以下步骤:
- Add 'django.middleware.csrf.CsrfViewMiddleware' to MIDDLEWARE_CLASSES. 将“ django.middleware.csrf.CsrfViewMiddleware”添加到MIDDLEWARE_CLASSES。 Done 完成
- Use the csrf_token tag inside the element. 在元素内使用csrf_token标签。 Done 完成
- Ensure that the 'django.core.context_processors.csrf' context processor is being used: use RequestContext in your's view or do it manually. 确保正在使用“ django.core.context_processors.csrf”上下文处理器:在您的视图中使用RequestContext或手动进行操作。 Not done 尚未完成
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.