CSRF verification failed. Request aborted.

Forbidden (403)

CSRF verification failed. Request aborted.

在POST forms中你要确定一下几点：

• Your browser is accepting cookies.
• The view function passes a request to the template's render method.
• In the template, there is a {% csrf_token %} template tag inside each POST form that targets an internal URL.
• If you are not using CsrfViewMiddleware, then you must use csrf_protect on any views that use the csrf_token template tag, as well as those that accept the POST data.

解决这个问题的方法：

1.template中的forms中添加 {%csrf_token%} 标签

2.在settings.py的MIDDLEWARE_CLASSES中添加‘django.middleware.csrf.CSrfViewMiddleware',如果你不想在MIDDLEWARE_CLASSES中添加CSrfViewMiddleware，可以在视图函数前使用csrf_protect()

<span style="font-size:18px;">from django.views.decorators import csrf@csrf.csrf_protectdef index(request):      pass</span>

3.如果使用render_to_response()函数，一定要添加参数context_instance=RequestContext(request);如果使用render函数，不用添加RequestContext,render函数会自动传递.在返回response对象的时候使用RequestContext是为了让模板中的{%csrf_token%}更好的发挥效用

<span style="font-size:18px;">from django.shortcuts import render, render_to_response,RequestContextdef view_func(request):    return render(request,'index.html', {'param':param})    or    return render_to_response('index.html', {'param':param}, context_instance=RequestContext(request))</span>