C:\Users\x\pyp1>python manage.py runserver
Performing system checks...System check identified no issues (0 silenced).
June 07, 2018 - 22:06:45Django version 2.0.6, using settings 'pyp1.settings'Starting development server at http://127.0.0.1:8000/Quit the server with CTRL-BREAK.[07/Jun/2018 22:06:51] "GET /polls/login/ HTTP/1.1" 200 2403[07/Jun/2018 22:06:51] "GET /static/bootstrap/css/bootstrap.min.css HTTP/1.1" 404 1717[07/Jun/2018 22:06:51] "GET /static/fontawesome/css/font-awesome.min.css HTTP/1.1" 404 1732Forbidden (CSRF token missing or incorrect.): /polls/login/[07/Jun/2018 22:06:53] "POST /polls/login/ HTTP/1.1" 403 2513
Forbidden (403)
CSRF verification failed. Request aborted.
Help
Reason given for failure:
CSRF token missing or incorrect.
In general, this can occur when there is a genuine Cross Site Request Forgery, or when has not been used correctly. For POST forms, you need to ensure:
- Your browser is accepting cookies.
- The view function passes a
requestto the template's method. - In the template, there is a
{% csrf_token %}template tag inside each POST form that targets an internal URL. - If you are not using
CsrfViewMiddleware, then you must usecsrf_protecton any views that use thecsrf_tokentemplate tag, as well as those that accept the POST data. - The form has a valid CSRF token. After logging in in another browser tab or hitting the back button after a login, you may need to reload the page with the form, because the token is rotated after a login.
You're seeing the help section of this page because you have DEBUG = True in your Django settings file. Change that to False, and only the initial error message will be displayed.
You can customize this page using the CSRF_FAILURE_VIEW setting.
注释掉settings.py中csrf 那一行
MIDDLEWARE = [ 'django.middleware.security.SecurityMiddleware', 'django.contrib.sessions.middleware.SessionMiddleware', 'django.middleware.common.CommonMiddleware', #'django.middleware.csrf.CsrfViewMiddleware', 'django.contrib.auth.middleware.AuthenticationMiddleware', 'django.contrib.messages.middleware.MessageMiddleware', 'django.middleware.clickjacking.XFrameOptionsMiddleware', ]
资源文件404问题解决 在settings.py中加入
# 静态文件夹的位置 STATICFILES_DIRS = [ os.path.join(BASE_DIR, "static"), ]