堆栈内存溢出
  简体   繁体   English

django检索csrf令牌

[英]django retrieve csrf token

 原文  2019-05-06 15:44:40       python/ django

问题描述

In my web application I need to retrieve csrf token for sending some data through xmlhttprequest but I'm getting an error at the server as " django\\middleware\\clickjacking.py", line 26, in process_response if response.get('X-Frame-Options') is not None: AttributeError: 'str' object has no attribute 'get' ". This is my code 在我的Web应用程序中,我需要检索csrf令牌,以便通过xmlhttprequest发送一些数据,但是在服务器上,我在process_response中的django \\ middleware \\ clickjacking.py”处收到错误, 如果response.get('X- Frame-Options')不是None:AttributeError:'str'对象没有属性'get' “。这是我的代码

//views.py //views.py 

from django.shortcuts import render
from django.shortcuts import render_to_response
from django.template.context_processors import csrf

def interfacePage(request):
    return render(request, "interfacePage.html", {})

def interfacePageSubmit(request):
    if request.method == 'POST':
        datarecvd = request.POST['data']
        return render(request, "interfacePageSubmit.html", {})
    else:
        print("in def interfacePageSubmit")
        csrf1 = str(csrf(request)['csrf_token'])
        return csrf1

//interfacePage.html //interfacePage.html 

function sumbit() {

        var xhr = new XMLHttpRequest();
        var url = {% url 'interfacePageSubmit' %};


        xhr.open("GET", url, false);
        xhr.withCredentials = false;
        xhr.setRequestHeader("x-csrf-token", "fetch");    
        xhr.setRequestHeader("Accept", "application/json");
        xhr.setRequestHeader("Content-Type", "application/json; charset=utf-8");
        var data = null;
        xhr.send(data);
        console.log(xhr.readyState);
        console.log(xhr.status);

        if (xhr.readyState === 4 && xhr.status === 200) {
            var csrfToken = xhr.getResponseHeader('x-csrf-token');
            url = {% url 'interfacePageSubmit' %};
            xhr.open("POST", url, true);
            xhr.withCredentials = false;
            xhr.setRequestHeader("Accept", "application/json");
            xhr.setRequestHeader("Content-Type", "application/json; charset=utf-8");
            xhr.setRequestHeader('x-csrf-token', csrfToken); 
        }

**/ further code goes here

Pls note my " interfacePage.html only contains a button without any form tag 请注意我的“ interfacePage.html仅包含一个没有任何表单标签的按钮

1 个解决方案

解决方案1
 1 已采纳  2019-05-06 15:48:37

You need to return an HttpResponse . 您需要返回HttpResponse Try something like this: 尝试这样的事情: 

def interfacePageSubmit(request):
    # . . . 
    csrf1 = str(csrf(request)['csrf_token'])
    json_data = json.dumps(csrf1)
    return HttpResponse(json_data, content_type='json')

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 Jquery和Django CSRF令牌 - Jquery and Django CSRF Token Django中的CSRF令牌出现问题 - Trouble with CSRF token in Django django csrf 令牌:CSRF 令牌丢失或不正确 - django csrf token : CSRF token missing or incorrect 用于 Ajax 的 Django csrf 令牌 - Django csrf token for Ajax 在django中测试csrf令牌 - Testing csrf token in django Django CSRF令牌丢失 - Django CSRF token is missing Django csrf token + Angularjs - Django csrf token + Angularjs 如何在 django 中实现没有 csrf 令牌的 csrf - how to implement csrf without csrf token in django Django 1.11 CSRF令牌未生成 - Django 1.11 CSRF token is not generated ModelAdmin中的Django csrf_token - Django csrf_token in ModelAdmin
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM