Django CSRF验证失败. 请求被中断.

当页面中form使用POST方式向后台提交时，报如下错误：

禁止访问 (403)

CSRF验证失败. 请求被中断.

Help

Reason given for failure:

​ CSRF token missing or incorrect.

In general, this can occur when there is a genuine Cross Site Request Forgery, or when Django's CSRF mechanism has not been used correctly. For POST forms, you need to ensure:

• Your browser is accepting cookies.
• The view function passes a request to the template's render method.
• In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
• If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.
• The form has a valid CSRF token. After logging in in another browser tab or hitting the back button after a login, you may need to reload the page with the form, because the token is rotated after a login.
  
  You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.
  
  You can customize this page using the CSRF_FAILURE_VIEW setting.

在网上查找了很多资料，普遍采用的解决方法是：

1. 检查settings.py中是否有下面的配置，如没有加上：
   
   MIDDLEWARE_CLASSES = (

'django.middleware.common.CommonMiddleware',

'django.contrib.sessions.middleware.SessionMiddleware',

'django.middleware.csrf.CsrfViewMiddleware', # 确认存在

'django.contrib.auth.middleware.AuthenticationMiddleware',

'django.contrib.messages.middleware.MessageMiddleware',

'django.middleware.clickjacking.XFrameOptionsMiddleware',

)

2. html中的form添加模板标签{% csrf_token %}
   
   <form action="/saveBlog/" method="post">

{% csrf_token %}

...

</form>

3. 针对views.py进行修改
   
   from django.shortcuts import render_to_response

from django.template import RequestContext



def some_blog(request):

# ...

return render_to_response('my_template.html',

my_data_dictionary,

context_instance=RequestContext(request))
   
   以上各步都基本照做了。其中针对视图的修改，因我的写法与网上不一样，我的是：
   
   def edit_blog(request):

template = get_template('editBlog.html')

moods = Mood.objects.all()

html = template.render(locals())
   
   ``
   
   return HttpResponse(html)
   
   因为官方文档上说render是render_to_response的shortcut，所以没有照网站资料上说的去改。于是错误总是无法解决。

几番挣扎之后，终于在Django出错页面中自己给出的解决办法中有一条：The view function passes a request to the template's rendermethod.（即：视图函数中传递 request 给模板的render方法）。

按这个访求修改后，终于解决问题了！！

def edit_blog(request):

template = get_template('editBlog.html')

moods = Mood.objects.all()

html = template.render(locals(), request) # 把request传递给template.render()

``

return HttpResponse(html)