A:ajax submit data is, carry CSRF in data:
<form method="POST"action="/csrf.html"> {% Csrf_token%} <input id="User"Type="text"Name="User"/> <input type="Submit"Value="Submit"/> <a onclick="submitForm ();">ajax Submission </a></form> <script src="/static/jquery-1.12.4.js"></script><script>function SubmitForm () {var csrf= $('input[name= "Csrfmiddlewaretoken"]'). Val (); var user= $('#user'). Val (); $.ajax ({URL:'/csrf.html', type:'POST', data: {"User": User,'Csrfmiddlewaretoken': Csrf}, Success:function (ARG) {console.log (ARG); } }) }</script>
B:ajax submission data is that the carrying CSRF is in the request header:
<form method="POST"action="/csrf.html"> {% Csrf_token%} <input id="User"Type="text"Name="User"/> <input type="Submit"Value="Submit"/> <a onclick="submitForm ();">ajax Submit </a></form><script src="/static/jquery-1.12.4.js"></script><script src="/static/jquery.cookie.js"></script><script>function SubmitForm () {var token= $.cookie ('Csrftoken'); var user= $('#user'). Val () $.ajax ({URL:'/csrf.html', type:'POST', headers:{'X-csrftoken': Token}, data: {"User": User}, Success:function (ARG) {console.log (ARG); } })}</script>
CSRF's AJAX request