CSRF verification fails on requests.post()
Question
Can't figure this one out. The CSRF verification works fine in all my Django template views. Here I'm trying to post from a python client using techniques I've found in other posts. The client.get(url) call does provide the token (the debugger shows, for example: client.cookies['csrftoken'] = 'POqMV69MUPzey0nyLmifBglFDfBGDuo9') but requests.post() fails with error 403, CSRF verification failed. What's going on?
My Django view (with some dummy stuff in the methods):
class CameraUpload(View):
template_name = "account/templates/upload.html"
def get(self, request):
dummy = VideoForm()
return render(request, self.template_name, {'form': dummy})
def post(self, request):
dummy = VideoForm()
return render(request, self.template_name, {'form': dummy})
And the client that's trying to do the post:
import requests
url = 'http://127.0.0.1:8000/account/camera_upload/'
client = requests.session()
client.get(url)
csrftoken = client.cookies['csrftoken']
payload = {
'csrfmiddlewaretoken': csrftoken,
'tag': '69'
}
r = requests.post(url, data=payload)
EDIT:
Tried adding the referer as per this link so code now looks like:
r = requests.post(url, data=payload, headers=dict(Referer=url))
but same problem exists.
1 answers
solution1
5 ACCPTED 2015-06-11 15:34:13
您应该将会话( client )用于帖子:
r = client.post(url, data=payload, headers=dict(Referer=url))
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.