重装时禁止Django csrf_token

时间:2015-04-08 10:10:22

标签: django django-csrf

我是python和django的新手。我开始使用用户登录等在线应用程序。一切都按预期工作。但是,如果我在相关视图的页面上有@login_required装饰器并且我重新加载页面,那么我得到Forbidden (403) CSRF verification failed. Request aborted。只是重装。我的所有形式都可以完美地运作。你能告诉我怎么解决这个问题? 观点: 

@login_required
def main(request):
    user=request.user
    if request.method=='POST':
        projectid=request.POST['project']
        project = Project.objects.get(pk=int(projectid))
        if project:
            change=Change(user=user, project=project,starttime=datetime.now())
            change.save()
            return render_to_response('ProjectLogging/timer.html', {'change':change}, context_instance=RequestContext(request))
        else:
            HttpResponse("Choose a valid project!")

HTML: 

<div>
        <span style="color:red">You have uncommitted changes:</span><br>
            <table>
                <tr>
                    <td><b><u>Project</u></b></td>
                    <td><b><u>Started</u></b></td>
                    <td><b><u>Finished</u></b></td>
                </tr>
                {%for f in unfinished_forms%}
                <tr>
                    <td>{{form}}<td>
                </tr>
                {%endfor%}
            </table>
        </div>
        {%endif%}
        <div>
            <form action="/main/" method="post" name="project_list">
                {%csrf_token%}
                {%for p in project_list%}
                    <input type="radio" name="project" value="{{p.id}}">{{p.title}}<br>
                {%endfor%}
                <input type="submit" value="Start working!">
            </form>
        </div>

0 个答案:

没有答案
相关问题
最新问题