導入 from django.views.decorators.csrf import csrf_exempt, csrf_protect
.
方法 |
---|
csrf_exempt 取消當前防跨站請求僞造功能 |
csrf_protect 強制設置當前防跨站請求僞造功能 |
示例
from django.views.decorators.csrf import csrf_exempt, csrf_protect
@csrf_exempt
def login(request: WSGIRequest):
if request.method == "POST":
user = request.POST.get("username")
password = request.POST.get("password")
if user == "1" and password == "p":
response = redirect("/app01/index/")
response.set_signed_cookie(CookieKey_Login, "1", salt=SALT_KEY)
return response
return render(request, "login.html")