django Do not close CSRF middleware , Custom through CSRF Tested post request

<> In a formal environment , Do not close csrf middleware , Custom skip csrf Tested post request

<> Two methods

<> The first one : put things right once and for all , Delete and add the post request

More suitable for a large number of passes csrf Request for

1. Create in asset project middleware.py file :

2. stay middleware.py Write the following code to the file :

Will need to skip csrf Tested post request , Add to URL_LIST Just in the list
import re from django.utils.deprecation import MiddlewareMixin class
IgnoreCrsfMiddleware(MiddlewareMixin): def process_request(self, request, **karg
): # which one? post Request needs to be skipped csrf testing , Add to URL_LIST Just in the list URL_LIST = [r'^/test_csrf/$', r
'^/c/d/$'] for u in URL_LIST: if re.match(u, request.path): request.
csrf_processing_done= True
3. stay settings.py Add custom middleware to middleware :

This guarantee post Request passed successfully csrf testing

<> The second kind : For the specified view

<> All three forms are OK :

It's all imported packages :
from django.views.decorators.csrf import csrf_exempt
<> The first one : Common view functions
# Get wechat returned code information @csrf_exempt def wechat_auth(req): if req.method == 'POST':
code = req.POST.get('code') data_info = get_access_token_info(code) return
JsonResponse({'message': data_info, "status": '1'}) return
JsonResponse({'message': ' Code scanning failed , Please refresh and try again !',"status": 0})
<> The second kind : Class views that inherit view classes
from django.views.decorators.csrf import csrf_exempt class MyView(View): def
get(self, request): return HttpResponse("hi") def post(self, request): return
HttpResponse("hi") @csrf_exempt def dispatch(self, *args, **kwargs): return
super(MyView, self).dispatch(*args, **kwargs)
<> The third kind : stay urls.py Set in
from django.conf.urls import url from django.views.decorators.csrf import
csrf_exempt import views urlpatterns = [ url(r'^myview/$',
csrf_exempt(views.MyView.as_view()), name='myview'), ]
Three forms , Choose one .

• « 上一篇：python Judge two lists （list） Are the values in the same （[1,2,3] and [3,2,1]）
• » 下一篇：2020Java Practical training （ Student information management system ）