我很难使用 Django 来处理 POST 请求。我不断收到此 403 错误消息: Response Page because of request
我试图最终制作一个搜索栏来搜索数据库。在index.html 上,我有一个搜索栏,然后它接受用户输入并将结果发送到search.html 页面。我还没有实现查询搜索,我只是希望使用 Django 表单功能将用户输入显示到 search.html 页面上。
我一直在使用本教程来制作我的第一个表单: https://docs.djangoproject.com/en/1.10/topics/forms/
下面是我创建的python和html脚本(有些变量与教程略有不同,但概念是相同的)
index.html
<form action="search/" method="post">
<div class="search-bar">
<input name="search" type="text" class="form-control" placeholder="What are you interested in?" style="width:1000px">
<button type="submit" class="btn btn-default text-center" style="align-items: center;">Search</button>
</div>
</form>
View .py
from django.shortcuts import get_object_or_404, render, render_to_response
from django.http import HttpResponseRedirect
from django.views import generic
from django.utils import timezone
from .models import *
from django.views.generic.base import TemplateView # View static pages easier, no list
from .forms import NameForm
from django.template import RequestContext
from django.views.decorators.csrf import csrf_protect
class IndexView(generic.base.TemplateView):
template_name = 'ahawebsite/index.html'
#
class ContactView(generic.base.TemplateView):
template_name = 'ahawebsite/contact.html'
#
class AboutView(generic.base.TemplateView):
template_name = 'ahawebsite/about.html'
#
class SignupView(generic.base.TemplateView):
template_name = 'ahawebsite/signup.html'
# class Searchresults(generic.base.TemplateView):
# template_name = 'ahawebsite/search.html'
@csrf_protect
def get_name(request):
# if this is a POST request we need to process the form data
if request.method == 'POST':
# create a form instance and populate it with data from the request:
form = NameForm(request.POST)
# check whether it's valid:
if form.is_valid():
# process the data in form.cleaned_data as required
# ...
# redirect to a new URL:
return redirect('thanks')
# if a GET (or any other method) we'll create a blank form
else:
form = NameForm()
# return render(request,"ahawebsite/search.html",{'form': form})
return render_to_response("ahawebsite/search.html",{'form': form},context_instance=RequestContext(request))
def say_thanks(request):
template = loader.get_template("ahawebsite/thanks.html")
return HttpResponse(template.render({'search': 'search'},request))
url.py
from django.conf.urls import url
from . import views
app_name = 'ahawebsite'
urlpatterns = [
# Look to views.py file to see the references of the [ ]View objects
url(r'^$', views.IndexView.as_view(), name='index'),
url(r'about/$', views.AboutView.as_view(), name='about'),
url(r'contact/$', views.ContactView.as_view(), name='contact'),
url(r'signup/$', views.SignupView.as_view(), name='signup'),
url(r'search/$', views.get_name, name='search'),
url(r'^thanks/$',views.say_thanks,name='thanks'),
]
搜索.html
<form action = "/search/" method = "post">
{% csrf_token %}
{{ form }}
<input type = "submit" value = "Submit" />
</form>
在使用 Django 表单功能时,我不想收到 403 页面作为响应。我是否正确使用了 CSRF token 系统?或者我做了其他完全错误的事情?
最佳答案
index.html
中的表单没有 {% csrf_token %}
。但它仍然会发送到需要它的函数 (get_name
)。 IOW,如果 index.html
中的表单应该发布到 /search/
,那么您需要添加 {% csrf_token %}
其形式,因为 get_name
受 csrf 保护。
关于python - 在 Django 1.10 中制作表单并收到 CSRF 验证失败。请求已中止,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/42099558/