How does the Django framework use the Ajax post method to _ajax related

Django is an open source Web application framework written by Python. The software design pattern of MVC is adopted, namely model M, view V and Controller C. It was originally developed to manage some of the news content-oriented Web sites owned by the Lawrence Publishing Group, which is CMS (Content management system) software. and was released under the BSD license in July 2005. The framework is named after the Belgian gypsy jazz guitarist, Django Reinhardt.

Today, when I tried to invoke jquery Ajax, I found a problem with the Get method server returning normally, but not with the post method. It is not possible to test the Post method of the form later. As long as the post must report HTTP 403 error! Very strange ...

Search a lot of information on the Internet after the original is because Django cross Site Request forgery protection mechanism problem. This mechanism is to protect against CSRF attacks. What is CRSF attack, Peach Lin Blog has a more superficial explanation. The solution Django's official website has provided http://docs.djangoproject.com/en/dev/ref/contrib/csrf/, and the Ajax can be posted smoothly after the instructions have been modified.

The way to do this is to first resolve the post for the form. Find middleware_classes in the settings.py file, add a middleware: ' Django.middleware.csrf.CsrfViewMiddleware ', and the modified code is as follows:

Python code

middleware_classes = ( 
 ' django.middleware.common.CommonMiddleware ', 
 ' Django.contrib.sessions.middleware.SessionMiddleware ', 
 ' django.middleware.csrf.CsrfViewMiddleware ', 
 ' Django.contrib.auth.middleware.AuthenticationMiddleware ', 
 ' Django.contrib.messages.middleware.MessageMiddleware ', 
 ' Django.middleware.csrf.CsrfResponseMiddleware ', # Join this middleware 

After this modification, you can resolve the Post submission HTTP 403 issue for the form. The Ajax post submission is just not going to work. You also need to hook up the cookie processing process for each commit. That is, every time the submission is committed, the process is triggered and the CSRF token is added to the HTTP header being submitted. But luckily, if you're using jquery to handle Ajax, Django sends a problem-solving code directly. Put it in a separate JS file, in the HTML page can be introduced. Note that this JS file must be in the jquery JS file introduced after the introduction. The code I copied directly over, as follows:

JS Code

$ (' HTML '). Ajaxsend (function (event, XHR, settings) { 
 function GetCookie (name) { 
  var cookievalue = null; 
  if (document.cookie && document.cookie!= ') { 
   var cookies = Document.cookie.split (';'); 
   for (var i = 0; i < cookies.length i++) { 
    var cookie = Jquery.trim (Cookies[i]); 
    Does this cookie string begin with the name we want? 
    if (cookie.substring (0, name.length + 1) = = (name + ' = ')) { 
     Cookievalue = decodeuricomponent (cookie.substring (name.le Ngth + 1)); 
     break; 
    } 
  }} return cookievalue; 
 } 
 if (!) ( /^http:.*/.test (settings.url) | | /^https:.*/.test (Settings.url))) { 
  //Only send the token to relative URLs i.e. locally. 
  Xhr.setrequestheader ("X-csrftoken", GetCookie (' Csrftoken ')); 
 } 
; 

After this toss, you can normally use Ajax to communicate with Django.

The use of Ajax in Django

The AJAX code for the front end looks like this:

$.ajax ({
 type: ' Get ',
 URL: '/store/ds_mgmt_wx/ajax_handle ',
 dataType: ' html ',
 success:function ( Data)
  {
   alert (data);
  },
 error:function (data)
 {
  alert (data); 
 }
);

The return method for the corresponding code on the backend is as follows:

if act_job = = ' Ajax_handle ': Return
  httpresponse (' Ajax_handle ')

About the Django framework how to use Ajax Post method is introduced, after reading how to feel, welcomed the small partners to share their views, I wish you a happy mood and smooth work.