django 403问题
C:\Users\x\pyp1>python manage.py runserver
Performing system checks...
System check identified no issues (0 silenced).
June 07, 2018 - 22:06:45
Django version 2.0.6, using settings 'pyp1.settings'
Starting development server at http://127.0.0.1:8000/
Quit the server with CTRL-BREAK.
[07/Jun/2018 22:06:51] "GET /polls/login/ HTTP/1.1" 200 2403
[07/Jun/2018 22:06:51] "GET /static/bootstrap/css/bootstrap.min.css HTTP/1.1" 404 1717
[07/Jun/2018 22:06:51] "GET /static/fontawesome/css/font-awesome.min.css HTTP/1.1" 404 1732
Forbidden (CSRF token missing or incorrect.): /polls/login/
[07/Jun/2018 22:06:53] "POST /polls/login/ HTTP/1.1" 403 2513
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:
- Your browser is accepting cookies.
- The view function passes a
requestto the template'srendermethod. - In the template, there is a
{% csrf_token %}template tag inside each POST form that targets an internal URL. - If you are not using
CsrfViewMiddleware, then you must usecsrf_protecton any views that use thecsrf_tokentemplate tag, as well as those that accept the POST data. - The form has a valid CSRF token. After logging in in another browser tab or hitting the back button after a login, you may need to reload the page with the form, because the token is rotated after a login.
You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.
注释掉settings.py中csrf 那一行
MIDDLEWARE = [
'django.middleware.security.SecurityMiddleware',
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
#'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
]
资源文件404问题解决
在settings.py中加入
# 静态文件夹的位置
STATICFILES_DIRS = [
os.path.join(BASE_DIR, "static"),
]
django 403问题的更多相关文章
- Django 403错误:CSRF verification failed. Request aborted
网上有解决办法,我自己的组合是: 一,FORM加标识 <form action="" method="post"> {% csrf_token %} ...
- Django1.8:403错误:CSRF verification failed. Request aborted.
问题:Django 403错误:CSRF verification failed. Request aborted. 原因:需要加cookie验证 解决方法: 1.在view.py中增加 fr ...
- Apache2.4部署django出现403 Forbidden错误解决办法
前言:Apache2.4部署django出现403 Forbidden错误最好要结合apache中的错误日志来观察出现何种错误导致出现403错误 下午百度了一下午没找到解决办法,试了n种方法,简直坑爹 ...
- django http 403 错误
在使用android的xUtils框架提交post请求到django服务器上面,出现错误,返回Forbiddeen.解决方法记录于此. 参考链接 http://blog.csdn.net/liangp ...
- django post报403问题
第一个问题是: 我使用jquery的ajax向后台传值, 当使用GET方法时没问题 $.ajax({ type:"GET" url: data: success: }) 但是由于基 ...
- Django提交表单时遇到403错误:CSRF verification failed
这个问题是由跨站点伪造请求(CRSF)造成的,要彻底的弄懂这个问题就要理解什么是CRSF,以及Django提供的CSRF防护机制是怎么工作的. 什么是CSRF CSRF, Cross Site Req ...
- Django的POST请求时因为开启防止csrf,报403错误,及四种解决方法
Django默认开启防止csrf(跨站点请求伪造)攻击,在post请求时,没有上传 csrf字段,导致校验失败,报403错误 解决方法1: 注释掉此段代码,即可. 缺点:导致Django项目完全无法防 ...
- 解决Django + DRF:403 FORBIDDEN:CSRF令牌丢失或不正确,{"detail":"CSRF Failed: CSRF cookie not set."}
我有一个Android客户端应用程序尝试使用Django + DRF后端进行身份验证.但是,当我尝试登录时,我收到以下响应: 403: CSRF Failed: CSRF token missing ...
- django csrf使用教程,解决Forbidden (403)CSRF verification failed. Request aborted.
Django版本号:1.11.15 django中post请求报错:Forbidden (403)CSRF verification failed. Request aborted. HelpReas ...
随机推荐
- Linux课题实践一
Linux课题实践一 20135318 刘浩晨 1.1应用安装 (1)掌握软件源的维护方法,配置系统使用软件源镜像 删除过期或者重复的软件包:进入”系统设置“-”软件和更新”-”ubuntu软件“- ...
- github链接地址及
http://www.github.com/houyanan1/test.git git 在本地创建分支,并且已经在该分支中开发了一段时间,那么commit到本地后,代码会做一个提交快照,在本地分支保 ...
- Oracle系列(二): Oracle表的外键查询
在执行数据库删除操作时,外键关联是令我们最烦的一个东西,有了外键关联,就不允许随意删除数据,那么怎知道这个外键关联度的外键属于那个表? select * from user_cons_columns ...
- PAT 甲级 1044 Shopping in Mars
https://pintia.cn/problem-sets/994805342720868352/problems/994805439202443264 Shopping in Mars is qu ...
- Open Source CRM
https://www.odoo.com/zh_CN/page/crm 试用: https://none53.odoo.com/web#home https://none.mypscloud.com/ ...
- Vert.x简介
https://vertx.io/ https://vertx.io/download/ https://baike.baidu.com/item/Vert.x 近年来,移动网络.社交网络和电商的兴起 ...
- 详解centos6和centos7防火墙的关闭
http://www.jb51.net/article/101576.htm http://www.myhack58.com/Article/48/66/2013/37314.htm http://w ...
- Hot code replace (HCR)
https://wiki.eclipse.org/FAQ_What_is_hot_code_replace%3F https://zhidao.baidu.com/question/195505558 ...
- Win2016以及win10 IIS10 下安装IEwebcontrol的方法
1. 公司产品需要安装IE webcontrol控件 但是在win2016以及win10 上面安装时 因为IIS 已经升级到了IIS10 安装时会提示: 兼容解决的方法比较简单,修改注册表即可 HKE ...
- nginx-匹配规则
location 指令的作用是根据用户请求的URI来执行不同的应用. locationn使用的语法为 location [=|~|~*|^~] uri { .... } location 语法说明表 ...