禁用CSRF保护，实施更强大的JSON解析！伟大变革！

2025-02-25 16:07:50 +08:00 · 2025-02-25 16:07:50 +08:00 · 3daf5973d0
commit 3daf5973d0
parent d9d20d478d
2 changed files with 4 additions and 2 deletions
--- a/apps/pr/views.py
+++ b/apps/pr/views.py
@ -1,3 +1,5 @@
+import json
+
 from pr import models
 from django.views import View
 from django.http import JsonResponse
@ -38,7 +40,7 @@ def load_project_config(

 class WebHookView(View):
    def post(self, request):
-        data = request.POST
+        data = json.loads(request.body.decode('utf-8'))
        if not data:
            return JsonResponse(status=400, data={"error": "Invalid JSON"})

--- a/pr_manager/settings.py
+++ b/pr_manager/settings.py
@ -54,7 +54,7 @@ MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
-    "django.middleware.csrf.CsrfViewMiddleware",
+    # "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",