我正在为我的学校编写一个注册网站,并使用Django作为框架.对于注册,我需要一个用户名,密码和注册令牌.那些尚未验证的内容,我现在正试图从注册输入页面(使用POST请求)转到您已成功注册"页面.沿线的某个地方,csrf令牌显然拒绝被验证.
I'm writing an enrollment website for my school, and using Django for the framework. For the registration, I require a username, password, and registration token. Those have yet to be validated, all I'm attempting to do right now is go from the registration input page (which uses a POST request) to a "You have successfully registered" page. Somewhere along the line, the csrf token is apparently refusing to be validated.
我的观点:
def register(request): return render(request, 'enroller/successfulEnroll.html')我的页面:
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <form action="{% url 'register' %}" method="post"> {% csrf_token %} <div class="container"> <label><b>New Username</b></label> <input type="text" placeholder="Username" name="uname" required> <br> <label><b>Password</b></label> <input type="password" placeholder="Password" name="psw" required> <br> <label><b>Registration Password</b></label> <input type="text" placeholder="Registration Key" name="reg" required> <br> <input type="submit" value="Register" /> </div> </form> </body> </html>当我尝试从注册页面转到成功页面时,它给我一个错误403(CSRF验证失败.请求中止).但是,当我尝试访问URL mysite/register/时,它将返回我请求的页面,没有错误.
When I attempt to go from the registration page to the success page, it gives me an error 403 (CSRF Verification failed. Request aborted). However, when I attempt to go to the url mysite/register/, it returns the page I requested with no error.
有什么办法可以解决这个问题?我一直在研究RequestContext,但是我不确定要在哪里使用它.
Is there any way to fix this? I've been looking at RequestContext, but I'm not entirely sure where it would be used.
推荐答案使其正常工作.Daniel是对的-这是我的中间件配置的问题.我在settings.py的中间件数组之前添加了两行,突然之间一切正常.
Got it to work. Daniel was right - it was a problem with the configuration of my middleware. I added two lines before my middleware array in settings.py, and all of the sudden it worked.
SESSION_COOKIE_SECURE = True SESSION_EXPIRE_AT_BROWSER_CLOSE = True我不能完全确定为什么会起作用,或者问题出在什么地方,但是现在可以起作用了.谢谢丹尼尔!
I can't say I'm entirely sure why it worked, or what the issue was exactly, but it works now. Thanks Daniel!
更多推荐
Django 403 CSRF验证失败
发布评论