CSRF Verification fails in production for Cross Domain POST request
21 views
Skip to first unread message
suresh
Apr 25, 2019, 2:20:32 AM4/25/19
to django...@googlegroups.com
The HTTP_X_CSRFTOKEN header does not match what is inside the csrftoken
cookie.
How can I examine the cookie? Set-Cookie is not displayed in the
Response header for Cross Domain requests.
I have already followed instructions found in:
https://stackoverflow.com/questions/39254562/csrf-with-django-reactredux-using-axios
Interestingly I found "X-CSRFTOKEN" translates to "HTTP_X_CSRFTOKEN" on
the server request header.
Thanks for any help.
Suresh
cookie.
How can I examine the cookie? Set-Cookie is not displayed in the
Response header for Cross Domain requests.
I have already followed instructions found in:
https://stackoverflow.com/questions/39254562/csrf-with-django-reactredux-using-axios
Interestingly I found "X-CSRFTOKEN" translates to "HTTP_X_CSRFTOKEN" on
the server request header.
Thanks for any help.
Suresh
Gil Obradors
Apr 25, 2019, 6:40:29 AM4/25/19
to django...@googlegroups.com
When I have problems with csrf and POST, I usually put a print(request.POST) into a view function, to see what the framework recives from client
help you?
Missatge de suresh <sure...@hotmail.com> del dia dj., 25 d’abr. 2019 a les 8:20:
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to django...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/q9rj8u%24nlf%241%40blaine.gmane.org.
For more options, visit https://groups.google.com/d/optout.
Reply all
Reply to author
Forward
0 new messages