搜索结果网址中的django csrf_token

Have csrf in search result url. Don't know why is there and how to remove it. Search works nice. Here is URL

在搜索结果网址中有csrf。不知道为什么会有，以及如何删除它。搜索效果很好。这是URL

/search/?csrfmiddlewaretoken=675d1340034e094866d15a921407e3fc&q=testing

here is view:

这是观点：

def search(request):
    query = request.GET.get('q', '')
    rezult = []
    if query:
    qset1 = (
        Q(title__icontains=query) 
    )
    result = Product.objects.filter(qset1).distinct()
    if result.count() == 1:
        return HttpResponseRedirect(result[0].get_absolute_url())
    return render_to_response('search/search.html',{'query': query, 'result': result, },context_instance=RequestContext(request))

Thanks

谢谢

3 个解决方案

#1

Remove {% csrf_token %} from your form in the template, you don't need it since you're making a GET request.

从模板中的表单中删除{％csrf_token％}，因为您正在发出GET请求，所以不需要它。

#2

I would assume that you've added the {% csrf_token %} within one of the search form's input element. That would cause the token to be submitted along with the form.

我假设你已经在搜索表单的一个输入元素中添加了{％csrf_token％}。这将导致令牌与表单一起提交。

Check your search form template.

检查您的搜索表单模板。

#3

you added {% csrf_token %} in your form. if you dont need csrf remove this from your form and add csrf_exempt.

您在表单中添加了{％csrf_token％}。如果您不需要csrf从表单中删除它并添加csrf_exempt。

look at this sample of django:

看看这个django样本：

from django.views.decorators.csrf import csrf_exempt

@csrf_exempt
def my_view(request):
     return HttpResponse('Hello world')

#1