使用HTTP POST時Django總是回覆403
使用HTTP POST時Django總是使用回覆403, 但是直接用get就可以正常看到寫好的頁面
用curl測試
curl -H "Content-Type:application/json" \取得的頁面寫道
-X POST \
-d '{"from":"10.0.0.4","prod":"MY_NEW_PROD","result":"Success","action_time":"2020-01-14 09:29:41.112"}' \
http://10.0.0.3:8080/api/sendMsg
Forbidden (403)
CSRF verification failed. Request aborted.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.
查了一下是因為Django預設機制會檢測不合法行為, 認為一個正規的POST應該要帶有一些必要資訊避免被跨站攻擊。
但是我只是要模擬Server接收POST資訊沒有真的要拿來架站, 所以套用解法:
https://blog.csdn.net/u010358168/article/details/77511445註解掉settings.py的django.middleware.csrf.CsrfViewMiddleware,就可以正常接收POST
留言