How is 618 sales champion made?Uncover the secret of e-commerce’s “invigorating” hundreds of millions of sales data>>>
CSRF cookie not set
The hint is that
CSRF cookie not set
What is CSRF
Indicates that string validation is required for Django to send post requests globally
function: function to prevent cross site request forgery
working principle : when the client accesses the server, when the server normally returns data to the client, it returns a string to the client. When the client visits the server next time, the server will look up the previously returned string from the client. If it is found, it will continue. If it is not found, it will refuse
access process : client – URL routing system – CSRF – view function
What I want to write here is an API interface for internal use, and Cross Site Request Forgery is unlikely
So here are two not very recommended, but very simple ways to solve this problem
Since CSRF is not needed, we can turn off CSRF detection
Solution 1:
In the project you created, find the settings. Py
file
Find the midview
parameter in the file settings.py
Comment out 'django. Middleware. CSRF. Csrfviewmiddleware ',
Like this,
Solution 2:
The second method is similar to the first
Above is the comment of Django. Middleware. CSRF. Csrfviewmiddleware
, which is a global setting
In fact, we can also make special settings for a single API
Here we use @ CSRF_ Exempt
@csrf_ Exempt is used to cancel the anti Cross Site Request Forgery function of the current function
Find the views. Py
file, which is where we deal with API rules
Import from django.views.decorators.csrf import CSRF_ exempt
We add @ CSRF to the corresponding function_ exempt
Like this, isn’t it very simple
Note: please indicate the source of the reprint, thank you^_^