我试图通过JS发送POST请求:
<div>
<h4>Comments</h4>
<form method='POST'>
<textarea class="form-control" id="commentContent" rows="5" name='comment'></textarea>
<br>
<button type="submit" id="commentBtn" class="btn btn-primary">Post Your Comment</button>
</form>
</div>
</div><!--class="col-xs-8 col-md-8"-->
</div><!-- row -->
<script type="text/javascript" src="/static/js/jquery-3.3.1.min.js"></script>
<script type="text/javascript" src="/static/js/jquery.csrf.js"></script>
<script>
$(document).ready(function(){
var article_id = {{ article.id }};
var page_number = {{ page.number }};
$("#commentBtn").click(function(){
var comment =$("#commentContent").val();
var param = {"article_id":article_id, "content":comment};
$.post("/article/comment/create/", param, function(data){
var ret = JSON.parse(data);
if (ret["status"]=="ok") {
$("#commentContent").val("");
window.location.href="/article/detail/{{ article.id }}?page_number={{ page.num_pages }}" \\change to the final page
}else{
alert(ret["msg"]);
}
});
})
});
</script>
它立即提醒以下错误:
[13/Jun/2018 18:54:35] "GET /article/detail/16?comment= HTTP/1.1" 200 5085
[13/Jun/2018 18:54:38] "GET /article/detail/16?comment=rr HTTP/1.1" 200 5085
[13/Jun/2018 18:54:42] "GET /article/detail/16?comment= HTTP/1.1" 200 5085
我创建了一个处理Cross Site Request Forgery protection | Django documentation | Django
之后的csrf token的广告
但是,帖子请求无法发送,并被视为获取请求。
我怎么能解决这个问题?
答案 0 :(得分:0)
这是因为你的代码:
$.post("/article/comment/create/", param, function(data){
var ret = JSON.parse(data);
if (ret["status"]=="ok") {
$("#commentContent").val("");
window.location.href="/article/detail/{{ article.id }}?page_number={{ page.num_pages }}" \\change to the final page
}else{
alert(ret["msg"]);
}
});
当它执行post到/article/comment/create/时,如果成功,它会将页面刷新为/article/detail/{{ article.id }}?page_number={{ page.num_pages }},这是get请求。
此外,它可能会从调试器中删除先前的请求。