1.创建一个middleware.py,定义一个 DisableCSRF类:
class DisableCSRF(object): def process_request(self, request): setattr(request, '_dont_enforce_csrf_checks', True)
2. 修改settings.py,添加自定义的middleware并放到Django自带的CSRF系列middleware之前:
MIDDLEWARE_CLASSES = ( '<YOUR_APP_NAME>.middleware.DisableCSRF', ... )
3. 确保删除自定义Templates中的 {% csrf_token % }标签