Re: no-referer CSRF error occured in only Edge
15 views
Skip to first unread message
Hella Nick
Jul 9, 2020, 9:04:07 PM7/9/20
to django...@googlegroups.com
Wow
Seong Gyu Choi <cys...@gmail.com> 于2020年7月9日周四 下午9:48写道:
Django Web Page worked properly well with POST method action in Chrome, Firefox. But No-refere CSRF error occurs only in Edge MS browser.--I found someone with an error similar to the one below, and I used the method I told you here but couldn't solve it.[ Error Page ]
You are seeing this message because this HTTPS site requires a “Referer header” to be sent by your Web browser, but none was sent. This header is required for security reasons, to ensure that your browser is not being hijacked by third parties.
If you have configured your browser to disable “Referer” headers, please re-enable them, at least for this site, or for HTTPS connections, or for “same-origin” requests.
If you are using the <meta name="referrer" content="no-referrer"> tag or including the “Referrer-Policy: no-referrer” header, please remove them. The CSRF protection requires the “Referer” header to do strict referer checking. If you’re concerned about privacy, use alternatives like <a rel="noreferrer" …> for links to third-party sites.[View.py]
[url.py]
path('iddown', TslIdDownFormView.as_view(), name='iddown'),
][template.html]
{% csrf_token %}
<input type="submit" class="iddown btn btn-outline btn-primary pull-right" id="selectBtn" value="Download JSON" >
</form>
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/300a9928-8ce2-41a3-8e12-0081aab62162o%40googlegroups.com.
Reply all
Reply to author
Forward
0 new messages