[英]How do I correct the following code in django, It's give an error “Forbidden (CSRF token missing or incorrect.)”
<script>
var CSRF_TOKEN = '{{ csrf_token }}';
function getQuestion(str)
{
if(str!="select subject")
{
var req=new XMLHttpRequest();
req.open("post","/addQuestion/",true);
str=encodeURIComponent(str);
req.setRequestHeader("Content-type","application/x-www-form-urlencoded");
req.send("subject="+str);
req.onreadystatechange=function()
{
if(req.status==200 && req.readyState==4)
{
document.getElementById("formdiv").innerHTML=req.responseText;
document.getElementById("formdiv").style.overflowY="scroll";
}
}
}
}
</script>
You should set CSRF_TOKEN in request header您应该在请求 header 中设置 CSRF_TOKEN
req.setRequestHeader('CSRF_TOKEN', CSRF_TOKEN);
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.