标签:ack self call mst efi create 本地 undefined index
#!/usr/bin/python # -*- coding: UTF-8 -*- #验证码 import tornado.ioloop import tornado.web class CrsfHandler(tornado.web.RequestHandler): def get(self, *args, **kwargs): self.render("crsf.html") def post(self, *args, **kwargs): self.write("csrf.post") settings = { "xsrf_cookies": True, } class CheckCodeHandler(tornado.web.RequestHandler): def get(self): import io import check_code mstream = io.BytesIO() # 创建图片 写入验证码 img, code = check_code.create_validate_code() # 图片对象写入到mstream img.save(mstream, "GIF") # self.session["CheckCode"] = code print(mstream.getvalue()) self.write(mstream.getvalue()) class MainHandler(tornado.web.RequestHandler): def get(self): self.render("index.html",) application = tornado.web.Application([ (r"/index", MainHandler), #(r"/check_code", CheckCodeHandler), (r"/crsf", CrsfHandler), ],**settings) if __name__ == "__main__": application.listen(5555) tornado.ioloop.IOLoop.instance().start()
<!DOCTYPE html> <html lang="en"> <head> <meta charset="UTF-8"> <title>Title</title> </head> <body> <form action="/crsf" method="post"> {% raw xsrf_form_html() %} <p><input name="name" value=""></p> <p><input name="pwd" value=""></p> <p> <input name="valide" value="" placeholder="验证码"> <input type="submit" value="submit" > </p> </form> <script type="text/javascript"> function ChangeCode() { var code = document.getElementById(‘imgCode‘); code.src += ‘?‘; } </script> </body> </html>
Ajax使用时,本质上就是去获取本地的cookie,携带cookie再来发送请求
function getCookie(name) {
var r = document.cookie.match("\\b" + name + "=([^;]*)\\b");
return r ? r[1] : undefined;
}
jQuery.postJSON = function(url, args, callback) {
args._xsrf = getCookie("_xsrf");
$.ajax({url: url, data: $.param(args), dataType: "text", type: "POST",
success: function(response) {
callback(eval("(" + response + ")"));
}});
};标签:ack self call mst efi create 本地 undefined index
原文地址:http://www.cnblogs.com/caidapeng/p/7991914.html
