Marcus Grass
2018-05-26 23:10:20 UTC
Hi, I'm trying to make a post request from a logged in user through a view
processed with Angular 6, with no Django template logic, and getting a 403
forbidden response.
Im using Django 2.0.3, DRF 3.8.3, and Angular 6 to make the request. A more
thorough description of the problem can be found in my Stack Overflow post
here
<https://stackoverflow.com/questions/50546081/django-angular-403-django-not-accepting-csrf-cookie-csrf-token-missing-or-inco> but
in short
<Loading Image...
>
I am getting the cookie right in my Angular app, as shown in the browser
console here:
<Loading Image...
>
And it's being sent with the post request as is shown here:
I've also tried to extract the 'csrftoken' value from the cookie and
included it with my post request as 'csrfmiddlewaretoken':token.
Neither has worked.
I have set CSRF_USE_SESSIONS = False in my settings.py, and my default auth
method with DRF is sessionauthentication.
Anyone have any clues what might be going wrong here?
processed with Angular 6, with no Django template logic, and getting a 403
forbidden response.
Im using Django 2.0.3, DRF 3.8.3, and Angular 6 to make the request. A more
thorough description of the problem can be found in my Stack Overflow post
here
<https://stackoverflow.com/questions/50546081/django-angular-403-django-not-accepting-csrf-cookie-csrf-token-missing-or-inco> but
in short
<Loading Image...
>I am getting the cookie right in my Angular app, as shown in the browser
console here:
<Loading Image...
>And it's being sent with the post request as is shown here:
I've also tried to extract the 'csrftoken' value from the cookie and
included it with my post request as 'csrfmiddlewaretoken':token.
Neither has worked.
I have set CSRF_USE_SESSIONS = False in my settings.py, and my default auth
method with DRF is sessionauthentication.
Anyone have any clues what might be going wrong here?
--
You received this message because you are subscribed to the Google Groups "Django REST framework" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-rest-framework+***@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
You received this message because you are subscribed to the Google Groups "Django REST framework" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-rest-framework+***@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.