Wow Seong Gyu Choi <cys5...@gmail.com> 于2020年7月9日周四 下午9:48写道:
> Django Web Page worked properly well with POST method action in Chrome, > Firefox. But No-refere CSRF error occurs only in Edge MS browser. > > I found someone with an error similar to the one below, and I used the > method I told you here but couldn't solve it. > > > https://stackoverflow.com/questions/53186554/django-csrf-token-issue-with-edge-only > > > [ Error Page ] > > Error 403 > > > > > You are seeing this message because this HTTPS site requires a “Referer > header” to be sent by your Web browser, but none was sent. This header is > required for security reasons, to ensure that your browser is not being > hijacked by third parties. > > If you have configured your browser to disable “Referer” headers, please > re-enable them, at least for this site, or for HTTPS connections, or for “ > same-origin” requests. > > If you are using the <meta name="referrer" content="no-referrer"> tag or > including the “Referrer-Policy: no-referrer” header, please remove them. > The CSRF protection requires the “Referer” header to do strict referer > checking. If you’re concerned about privacy, use alternatives like <a rel= > "noreferrer" …> for links to third-party sites. > > > [View.py] > > class TslIdDownFormView(TemplateView): > template_name = 'blog/iddown.html' > checklist = [] > > def post(self, request, *args, **kwargs): > > checklist = request.POST.getlist('selection') > > return render(request, self.template_name, {'checklist': > checklist}) > > > [url.py] > > url_pattern = [ > path('iddown', TslIdDownFormView.as_view(), name='iddown'), > ] > > [template.html] > > <form action="{% url 'iddown' %}" method="post" id="post_form" > target="print_popup" onsubmit="window.open('about:blank', 'print_popup', > 'width=325,height=520');" > > {% csrf_token %} > <input type="submit" class="iddown btn btn-outline btn-primary > pull-right" id="selectBtn" value="Download JSON" > > </form> > > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/300a9928-8ce2-41a3-8e12-0081aab62162o%40googlegroups.com > <https://groups.google.com/d/msgid/django-users/300a9928-8ce2-41a3-8e12-0081aab62162o%40googlegroups.com?utm_medium=email&utm_source=footer> > . > -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAHfGPEe2gW%2B%2BOWb3ew1zz5Gu8AHGM8WanF1CJAD2UD5YzVb%3D2A%40mail.gmail.com.
