[英]403 forbidden and CSRF verification failed. Request aborted. python requests
import requests
import json
headers={'User-Agent':'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2840.87 Safari/537.36'}
post_data={"q":"","filters":{"sizes":["Large","MNE"],"sectors":[18],"countries":[228],"regions":["Northern America"],"years":[2015],"types":[]},"page":1}
with requests.Session() as s:
for_cookies=s.get('http://database.globalreporting.org/search')
# print(for_cookies.content)
p = s.post('http://database.globalreporting.org/search/ajax/',data=json.dumps(post_data), headers=headers)
print(p.content)
我已包含csrf令牌并尝试调用它。 但是我认为Django网站一定使用过
if not request.is_ajax():
return HttpResponse('Only ajax request')
因为我尝试了代码,
import requests
with requests.Session() as client:
for_cookies=client.get('http://database.globalreporting.org/search')
csrf = client.cookies['csrftoken']
print csrf
post_data={"csrfmiddlewaretoken": csrf, "q":"","filters":{"sizes":["Large","MNE"],"sectors":[18],"countries":[228],"regions":["Northern America"],"years":[2015],"types":[]},"page":1}
r = client.post('http://database.globalreporting.org/search/ajax/', data=post_data, headers=dict(Referer='http://database.globalreporting.org/search'))
print r.text
我得到的答复是
YrZa9IIoFJZyXqeRXZnZ57s3vaoCUCul
Only ajax request
通常,在这些情况下,您必须使用csrf令牌。 但是我们可以配置是否仅使用ajax。
希望我的回答对您有所帮助。
您需要将CSRF令牌值添加到标头中:
with requests.Session() as s:
for_cookies=s.get('http://database.globalreporting.org/search')
headers =
{'X-CSRFToken': for_cookies.headers['Set-Cookie'].split('=')[1].split(';')[0],
'Referer': 'http://database.globalreporting.org/search/',
'X-Requested-With':'XMLHttpRequest'}
p = s.post('http://database.globalreporting.org/search/ajax/',data=json.dumps(post_data), headers=headers)
print(p.content)
尝试此代码,如有任何问题,请通知我
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.