Tag Archives: 403

Forbidden (403) CSRF verification failed. Request aborted. – Django

How to solve the cross-domain problem of Django?
please see this article, very detailed: https://pypi.org/project/django-cors-headers/


The above is due to the CSRF problem, how to solve?
Two ways:
Top: comment out CsrfViewMiddleware as shown, but
is not recommended
Second: add the annotation @csrf_exempt
to the interface view
The above two methods do solve 403 errors.
However, according to a lot of information, the approach is that the front end first USES get request to specify the interface, and then the server generates get_token(request) to return to the front end. The front end carries csrftoken returned when requesting the interface, which will verify whether the cookie is consistent…
But they all tried in vain…
We can see the article: https://www.cnblogs.com/rgcLOVEyaya/p/RGC_LOVE_YAYA_692days_802_1.html