django js csrf

這裏就不多羅嗦csrf的作用，網上文獻很多，之列舉一種通過js訪問Django所遇見的csrf 403異常
由於傳參的方式，後端會進行不同的解析方式，切記要用下面的傳參方式，參見傳參方式

這是Django官方文檔所列舉的解決方法

前端js代碼

function getCookie(name) {
    var cookieValue = null;
    if (document.cookie && document.cookie !== '') {
        var cookies = document.cookie.split(';');
        for (var i = 0; i < cookies.length; i++) {
            var cookie = cookies[i].trim();
            // Does this cookie string begin with the name we want?
            if (cookie.substring(0, name.length + 1) === (name + '=')) {
                cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
                break;
            }
        }
    }
    return cookieValue;
}

var csrftoken = getCookie('csrftoken');
async function createCustomer(paymentMethod, cardholderEmail) {
    var formData = new FormData();
    formData.append('email', cardholderEmail);
    formData.append('payment_method', paymentMethod);
    formData.append('csrfmiddlewaretoken', csrftoken);
    return fetch('/create-customer/', {
        method: 'post',
        // headers: {
        //     'Content-Type': 'application/json'
        // },
        body: formData,
        mode: 'cors',
        cache: 'default',
        credentials: 'include',
    })
        .then(response => {
            return response.json();
        })
        .then(subscription => {
            handleSubscription(subscription);
        });
}