Sur*_*rya 1 python django post django-forms
我只是用POST方法构建一个简单的HTML表单,不幸的是我发现CSRF验证错误.
这只是一个在localhost上使用POST方法的简单html表单.没有涉及跨站点.我绝对可以通过使用来修复它,csrf_token但我仍然不明白为什么django要求我这样做..
此处不涉及重定向/ iframe ...
那么,为什么会这样呢?这是正常的吗?
# Also tried using RequestContext(request) but there isn't any change in the error
#settings.py
'django.middleware.csrf.CsrfViewMiddleware' in MIDDLEWARE_CLASSES
#views.py
# url for home page is "" i.e, http://127.0.0.1:8000/
def HomePage (request):
if request.method == "POST":
form = myForm(request.POST)
if form.is_valid():
data = form.cleaned_data
context = { "myForm" : myForm(choices),
"values" : data,
}
return render_to_response("home.html", context)
else:
form = myForm(choices)
context = {"myForm" : form}
return render_to_response("home.html", context)
# home.html
<div id="pingmeeForm">
<form action="" method="post">
<table>
{{myForm.as_table}}
</table>
<input name="enter" type="submit" value="enter"/>
</form>
{{values}}
</div>
# forms.py
class myForm (forms.Form):
def __init__(self, my_choices,*args, **kwargs):
super(myForm, self).__init__(*args, **kwargs)
self.fields['Friends'] = forms.ChoiceField(choices=my_choices)
message = forms.CharField()
如果您执行发布请求,通常会更改服务器的状态.如果更改服务器的状态,则不希望允许其他站点执行此操作.要防止在服务器上发出请求后的其他站点,请添加csrf保护.因此,解决方案应该(永远不会)去除Csrf保护.根据具体情况,以下两种情况之一是这样的: