堆栈内存溢出
  简体   繁体   English

如何在 django 和 javascript 之间传递 csrf 令牌

[英]how to pass a csrf token between django and javascript

 原文  2022-08-30 11:53:02       javascript/ jquery/ django/ leaflet

问题描述

I know very little about javascript.我对 javascript 知之甚少。

I have a GeoDjango project, and am adding a map view of some of the data using Leaflet.我有一个 GeoDjango 项目,并且正在使用 Leaflet 添加一些数据的 map 视图。 There is a lot of data so I am using a Leaflet uGeoJSON Layer to display the data (this allows leaflet to post a bounding box so Django can filter results and only pass visible data).有很多数据,所以我使用 Leaflet uGeoJSON 层来显示数据(这允许 leaflet 发布边界框,因此 Django 可以过滤结果仅可见数据)。

I am adding leaflet to a django view.我将 leaflet 添加到 django 视图中。

I have this working with a function based view in django which I decorate with @csrf_exempt, but would like to pass the proper csrf headers so I can use the generic class based django views. I have this working with a function based view in django which I decorate with @csrf_exempt, but would like to pass the proper csrf headers so I can use the generic class based django views.

The documentation for [Leaflet uGeoJSON Layer][1] suggests: [Leaflet uGeoJSON Layer][1] 的文档建议:

var headers = {};

  // CSRF headers
  var token = jQuery("meta[name='_csrf']").attr("content");
  var header = jQuery("meta[name='_csrf_header']").attr("content");
  if (header) {
    headers[header]= token;
  }

  var customers = new L.uGeoJSONLayer({
    endpoint : "/layers/customers",
    headers: headers
  }).addTo(map);

I added this to my javascript but token and header are always null.我将此添加到我的 javascript 但令牌和 header 始终是 null。

Here is my javascript.这是我的 javascript。

map.js

var headers = {};

  // CSRF headers
  var token = jQuery("meta[name='_csrf']").attr("content");
  var header = jQuery("meta[name='_csrf_header']").attr("content");
  if (header) {
    headers[header]= token;
  }

// Point Styles
var 
  DmseJobStyle = {
  fillColor: "#FFFFE0",
  color: "#FFFF00",
  opacity: 1,
  fillOpacity: 0.8
}

var
... 
  DmseJobData = new L.uGeoJSONLayer({endpoint: "data.jobs/",
    usebbox: true,
    headers: headers,
    pointToLayer: function (feature, latlng) {
            return L.circleMarker(latlng, DmseJobStyle)
    },
    onEachFeature:function(feature, layer) {
        layer.bindPopup('Job: ' + feature.properties.num + '</br>Desc: ' + feature.properties.desc);
    } 
  }),


var map = L.map('map', {
    center: [45.75, -64.99],
    zoom: 10,
    layers: [osm]
});

var overlayMaps = {
    ...
    "DMSE Jobs": DmseJobData,
};

This is in a file map.js which is loaded in my django template using:这是在我的 django 模板中加载的文件 map.js 中,使用:

<script src="{% static 'core\map.js' %}"></script>

If I add a breakpoint, token and header will both be null when loading the map.如果我添加断点,则加载 map 时,我添加断点,令牌和 header 都将是 null。 If I allow it to keep going, I get a POST... 403 error如果我允许它继续运行,我会收到一个 POST... 403 错误

1 个解决方案

解决方案1
 0  2022-08-31 00:50:32

In my project I use:在我的项目中,我使用:

var csrf_token = $('input[name="csrfmiddlewaretoken"]').val(); var csrf_token = $('input[name="csrfmiddlewaretoken"]').val();

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 如何将 csrf_token 传递给 django 中的 javascript 文件? - how to pass csrf_token to javascript file in django? Django-Javascript-Csrf令牌 - Django - Javascript - Csrf Token 使用Django使用Javascript生成CSRF令牌 - CSRF Token Generation in Javascript with Django 如何在 AJAX 中传递 Django csrf 令牌(不使用 jQuery) - How to pass Django csrf token in AJAX (without jQuery) 如何正确地将django csrf_token附加到内联javascript中? - How to properly append django csrf_token to form in inline javascript? 如何在python(Django)中获取csrf_token - How to get the csrf_token in python(Django) 如何在django中应用csrf_token - how to apply csrf_token in django 带有django csrf令牌的js - django csrf token with js Django - 未定义csrf标记 - Django - csrf token not defined Django CSRF令牌丢失 - Django CSRF token is missing
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM