Django Ajax.Request Post Form，retrun“403”解决办法

Django Ajax.Request Post Form，retrun“403”解决办法

Django使用ajax POST表单时，为防止CSRF攻击，会验证csrftoken的值是否有效；如果没有在settings中设置csrf中间件及ajax post requestheader中没有指定csrftoken的话，就会return “403”，是无法post请求的，那么就需要我们手动添加。

————————–settings：———————————-

MIDDLEWARE_CLASSES = (

‘django.middleware.csrf.CsrfMiddleware’,

‘django.middleware.csrf.CsrfViewMiddleware’,

‘django.middleware.csrf.CsrfResponseMiddleware’,

）

———————————————————————-

——————————JS—————————————————-

function getCookie(sName){var aCookie=document.cookie.split(“; “);for(var i=0;i<aCookie.length;i++){var aCrumb=aCookie[i].split(“=”);if(sName==aCrumb[0])return   (aCrumb[1]);}return null;}

var myAjax=

new Ajax.Request(‘http://192.168.1.100/project/update’{method:’POST’,setRequestHeader:{“X-CSRFToken”:getCookie(‘csrftoken’)},

parameters:’csrfmiddlewaretoken=’+getCookie(‘csrftoken’)+”&Fields=”+fileds})

MIDDLEWARE_CLASSES = (    ‘django.middleware.csrf.CsrfMiddleware’,    ‘django.middleware.csrf.CsrfViewMiddleware’,    ‘django.middleware.csrf.CsrfResponseMiddleware’,）———————————————————————-
——————————JS—————————————————-function getCookie(sName){var aCookie=document.cookie.split(“; “);for(var i=0;i<aCookie.length;i++){var aCrumb=aCookie[i].split(“=”);if(sName==aCrumb[0])return   (aCrumb[1]);}return null;}
var myAjax=new Ajax.Request(‘http://192.168.1.100/project/update’{method:’POST’,setRequestHeader:{“X-CSRFToken”:getCookie(‘csrftoken’)},parameters:’csrfmiddlewaretoken=’+getCookie(‘csrftoken’)+”&Fields=”+fi