我已经在django表单中启用了csrf令牌,如果我试图上传文件,就会出现以下错误。请帮我修一下。在
禁止(未设置CSRF cookie.):/upload
我的html表单呈现如下。在
<form id="uploadfile" action="/upload" class="dropzone needsclick dz-clickable" enctype="multipart/form-data" method="post" style="display: none;">
<input type="hidden" name="csrfmiddlewaretoken" value="I4DEvg2nDPGkaGjrynMVGh5KfGdk3Z3z">
<div class="dz-message needsclick" style="display: block;">
Drop files here or click to upload.<br>
</div>
<input type="hidden" name="cmd" value="mycmd"></form>
我的上传视图代码如下所示。在
^{pr2}$在设置.py我已经启用了下面的cookie和csrf。在
........
........
CSRF_COOKIE_SECURE = True
CSRF_COOKIE_HTTPONLY = True
SENDFILE_BACKEND = 'sendfile.backends.development'
........
........
MIDDLEWARE_CLASSES = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
.......
尝试使用“X-CSRFToken”头发送请求并将csrf令牌放入其中。 也许会有帮助 Django documentation - Cross Site Request Forgery protection - Ajax
相关问题 更多 >
编程相关推荐