问题
I'm developing an app with Phonegap that uses Django back-end. The back-end uses csrf, so I need my Phonegap app to use csrf so it can work with Django.
I've read that you can use csrf via Ajax, but I haven't been able to make it work.
Could you please tell me with an example how can I do this?
回答1:
just catch csrf_token in your html page in script tag at a time of document ready by
var csrf = {{ csrf_token }}
and then via ajax pass parameter like in your js file
$.ajax({
csrfmiddlewaretoken: csrf; ..//});
回答2:
Extending @Zigs Answer .
You can generate csrf token at server(Django) side using :
from django.middleware.csrf import _get_new_csrf_key as get_new_csrf_key
response.set_cookie("csrftoken", get_new_csrf_key())
Use this csrf token for subsequent POST (ajax) request.
来源:https://stackoverflow.com/questions/22294866/csrf-token-in-phonegap-using-ajax