在django中,使用jquery ajax post数据,会出现403的错误
2012-08-28 14:26
323 查看
在django中,使用jquery ajax post数据,会出现403的错误
方法一:
如果用jQuery来处理ajax的话,Django直接送了一段解决问题的代码。把它放在一个独立的js文件中,在html页面中都引入即可。注意这个js文件必须在jquery的js文件引入之后,再引入即可
[javascript]
view plaincopyprint?
$(document).ajaxSend(function(event, xhr, settings) {
function getCookie(name) {
var cookieValue = null;
if (document.cookie && document.cookie != '') {
var cookies = document.cookie.split(';');
for (var i = 0; i < cookies.length; i++) {
var cookie = jQuery.trim(cookies[i]);
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) == (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
return cookieValue;
}
function sameOrigin(url) {
// url could be relative or scheme relative or absolute
var host = document.location.host; // host + port
var protocol = document.location.protocol;
var sr_origin = '//' + host;
var origin = protocol + sr_origin;
// Allow absolute or scheme relative URLs to same origin
return (url == origin || url.slice(0, origin.length + 1) == origin + '/') ||
(url == sr_origin || url.slice(0, sr_origin.length + 1) == sr_origin + '/') ||
// or any other URL that isn't scheme relative or absolute i.e relative.
!(/^(\/\/|http:|https:).*/.test(url));
}
function safeMethod(method) {
return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
}
if (!safeMethod(settings.type) && sameOrigin(settings.url)) {
xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken'));
}
});
例如
[python]
view plaincopyprint?
@csrf_exempt
def profile_delte(request):
del_file=request.POST.get("delete_file",'')
方法一:
如果用jQuery来处理ajax的话,Django直接送了一段解决问题的代码。把它放在一个独立的js文件中,在html页面中都引入即可。注意这个js文件必须在jquery的js文件引入之后,再引入即可[javascript]
view plaincopyprint?
$(document).ajaxSend(function(event, xhr, settings) {
function getCookie(name) {
var cookieValue = null;
if (document.cookie && document.cookie != '') {
var cookies = document.cookie.split(';');
for (var i = 0; i < cookies.length; i++) {
var cookie = jQuery.trim(cookies[i]);
// Does this cookie string begin with the name we want?
if (cookie.substring(0, name.length + 1) == (name + '=')) {
cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
break;
}
}
}
return cookieValue;
}
function sameOrigin(url) {
// url could be relative or scheme relative or absolute
var host = document.location.host; // host + port
var protocol = document.location.protocol;
var sr_origin = '//' + host;
var origin = protocol + sr_origin;
// Allow absolute or scheme relative URLs to same origin
return (url == origin || url.slice(0, origin.length + 1) == origin + '/') ||
(url == sr_origin || url.slice(0, sr_origin.length + 1) == sr_origin + '/') ||
// or any other URL that isn't scheme relative or absolute i.e relative.
!(/^(\/\/|http:|https:).*/.test(url));
}
function safeMethod(method) {
return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
}
if (!safeMethod(settings.type) && sameOrigin(settings.url)) {
xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken'));
}
});
$(document).ajaxSend(function(event, xhr, settings) { function getCookie(name) { var cookieValue = null; if (document.cookie && document.cookie != '') { var cookies = document.cookie.split(';'); for (var i = 0; i < cookies.length; i++) { var cookie = jQuery.trim(cookies[i]); // Does this cookie string begin with the name we want? if (cookie.substring(0, name.length + 1) == (name + '=')) { cookieValue = decodeURIComponent(cookie.substring(name.length + 1)); break; } } } return cookieValue; } function sameOrigin(url) { // url could be relative or scheme relative or absolute var host = document.location.host; // host + port var protocol = document.location.protocol; var sr_origin = '//' + host; var origin = protocol + sr_origin; // Allow absolute or scheme relative URLs to same origin return (url == origin || url.slice(0, origin.length + 1) == origin + '/') || (url == sr_origin || url.slice(0, sr_origin.length + 1) == sr_origin + '/') || // or any other URL that isn't scheme relative or absolute i.e relative. !(/^(\/\/|http:|https:).*/.test(url)); } function safeMethod(method) { return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method)); } if (!safeMethod(settings.type) && sameOrigin(settings.url)) { xhr.setRequestHeader("X-CSRFToken", getCookie('csrftoken')); } });
方法二:
在处理post数据的view前加@csrf_exempt装饰符例如
[python]
view plaincopyprint?
@csrf_exempt
def profile_delte(request):
del_file=request.POST.get("delete_file",'')
相关文章推荐
- 在django中,使用jquery ajax post数据,会出现403的错误
- django中使用jquery ajax post数据出现403错误的解决办法(两种方法)
- django中使用jquery ajax post数据出现403错误的解决办法(两种方法)
- client 提交post 到 django出现403错误
- django中使用POST方法 获取POST数据
- 使用fiddler更改post请求数据,具现post错误
- [Django1.4]使用post表单:CSRF verification failed. Request aborted.错误
- Django:(博客系统)使用使用mysql数据&创建post/category/tag实体,并同步到数据中
- 在使用 HttpWebRequest Post数据时候返回 400错误
- 使用jquery Ajax的post方法或直接使用jqery ajax请求action 得到返回的json数据
- Django POST请求 错误 forbidden(403) CSRF verification failed. Request aborted 解决方法
- [django1.2+python2.7]ajax异步post数据,出现Forbidden的错误
- 接收get或post数据使用fwrite写入文件中,方便追踪错误;或其他几种缓存方式
- django使用ajax post数据403错误解决方法 (tip)
- 【转】Django中使用POST方法获取POST数据
- 使用httpClient的post发送数据时候错误:cannot inherit from final class
- django管理功能POST提交数据总是出现错误,而实际是提交成功的
- Django:(博客系统)使用使用mysql数据->后台管理tag/post/category的配置
- django使用ajax post数据出现403错误如何解决
- django1.6在post数据防止csrf的报错403