例子:
@csrf_exempt def login(request): return render_to_response('app/login.html', locals())
上边的方法是取消csrf的防御机制。
第二种方法,给出例子,主要为在html的form里面加入{% csrf_token %}这句话,视图函数内加入render(request, 'app/breakdown_view.html', locals())
例子:
<div class="container"> <form class="form-signin" method="POST"> {% csrf_token %} <h2 class="form-signin-heading">Please login in</h2> <label for="inputEmail" class="sr-only">Email address</label> <input name="loginEmail" type="email" id="inputEmail" class="form-control" placeholder="Email address" value = "{{myLogin.loginEmail}}" required autofocus> <label for="inputPassword" class="sr-only">Password</label> <input name="loginPassword" type="password" id="inputPassword" class="form-control" placeholder="Password" required> <!-- <div class="checkbox"> <label> <input type="checkbox" value="remember-me"> Remember me </label> </div> --> <button class="btn btn-lg btn-primary btn-block" type="submit">Login in</button> </form> </div> <!-- /container --> def login(request): return render(request, 'app/login.html', locals())
