你好,这里有一个奇怪的问题。我试图服务下面的index.htm文件与django。当您单击该按钮时,页面(而不是服务器)执行跨域请求。如果我直接在浏览器中加载索引文件,它就可以工作了。然而,如果我用django提供它,我得到"一个错误发生试图加载资源"在同一浏览器(Safari)。我使用(YQL)这个方法跨域请求:http://james.padolsey.com/javascript/cross-domain-requests-with-jquery/
<!DOCTYPE html>
<html>
<head>
<script type='text/javascript' src="/static/jquery-1.10.0.min.js"></script>
<script type='text/javascript' src="/static/jquery.xdomainajax.js"></script>
<script>
function myFunction()
{
$.ajax({
url: 'http://www.google.com',
type: 'GET',
success: function(res) {
var headline = $(res.responseText).text();
document.getElementById("demo").innerHTML=res;
},
beforeSend : function(xhr, settings) {
xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xhr.setRequestHeader("Cache-Control", "no-cache");
if (!csrfSafeMethod(settings.type)) {
xhr.setRequestHeader("X-CSRFToken", getCookie("csrftoken"));
}
}
});
}
function csrfSafeMethod(method) {
// these HTTP methods do not require CSRF protection
return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
}
</script>
</head>
<body>
<button onclick="myFunction()">Click me</button>
<p id="demo"></p>
</body>
</html>
在ajax函数中添加以下代码:
beforeSend : function(xhr, settings) {
xhr.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xhr.setRequestHeader("Cache-Control", "no-cache");
if (!csrfSafeMethod(settings.type)) {
xhr.setRequestHeader("X-CSRFToken", getCookie("csrftoken"));
}
},
还有脚本中的这个函数:
function csrfSafeMethod(method) {
// these HTTP methods do not require CSRF protection
return (/^(GET|HEAD|OPTIONS|TRACE)$/.test(method));
}
: