How to pass CSRF token for Rails post request in paw-app

Question

I am attempting to use the Paw app to test out a REST API build in Rails 4.2.4. I have a create method which expects JSON as input. The request appears to pass the correct information from Paws as structure, but the Rails API is failing with the following error:

422 Unprocessable Entity
Can't verify CSRF token authenticity

When writing the JavaScript front end, the request must have a header appended to the request, of the form:

webix.ajax().headers({'X-CSRF-TOKEN': $('meta[name="csrf-token"]').attr('content')}).post("geo_wells.json", parms), function(text){webix.message("posted");});

That all works fine for getting the CSRF satisfied consistently, although it's the parms I am trying to use Paws to help sort out. But I can't get that meta token in Paws. No idea how to actually add that to the header of the request. Tried creating a cookie and all response cookies, but that didn't do it either.

Any ideas? I'd like to purchase the tool, but if it can't do this, it's not of that much use to me. I would prefer not to up and disable the CSRF as is so often suggested. I'm hoping for a robust answer that would still extend to testing of the fully CSRF enabled API.

Answer 1

This Paw.app article had the answer.

First, install the RegExMatch extension. See: https://paw.cloud/extensions/RegExMatch

With the Ruby on Rails getting started set up, the regex required to get the csrf token was below: