Closed CoolSoybean closed 3 years ago
发现无法POST, Status Code: 403 Forbidden,具体提示如下:
Forbidden (403) CSRF verification failed. Request aborted.
You are seeing this message because this HTTPS site requires a 'Referer header' to be sent by your Web browser, but none was sent. This header is required for security reasons, to ensure that your browser is not being hijacked by third parties.
If you have configured your browser to disable 'Referer' headers, please re-enable them, at least for this site, or for HTTPS connections, or for 'same-origin' requests.
If you are using the tag or including the 'Referrer-Policy: no-referrer' header, please remove them. The CSRF protection requires the 'Referer' header to do strict referer checking. If you're concerned about privacy, use alternatives like <a rel="noreferrer" ...> for links to third-party sites.
@zmister2016 模板中的所有的meta都需要修改一下策略,就ok了。
@CoolSoybean 感谢反馈,刚刚看了一下你提交的PR,修改是的HTML页面的<meta name="referrer" content="no-referrer">
,这个之前是为了文档内的外链视频播放而设置的,等我测试一下,看看能否兼容。还有,最近模板文件在进行大改动,PR可能不会合并,望理解~
多谢回复。 具体用什么策略是得需要好好看一下。这个估计也就是暂时解决一下我的问题😄。 这次大动的时候能不能增加一个英文版?
HTML模板里面很多中文已经添加了Django的翻译标签,但是精力有限,没有做翻译
另外这个转圈圈,根据群里反馈,有部分是因为宝塔面板的nginx防火墙拦截了 POST 请求.
最新代码已修复相关问题,将归版至0.6.6