user1936584
Reputation:
HTTP Status 403 - Bad or missing CSRF value but the csrf token is set
I have an ajax request which looks like this:
$.ajax({
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json'
},
'url': defaults.addToCartUrl,
'data': JSON.stringify({CSRFToken: Config.CSRFToken,currentUser: currentCustomer, entries: cartItems}),
'type': 'POST',
'dataType': 'json',
beforeSend: function(xhr) {
xhr.setRequestHeader('X-CSRFToken', Config.CSRFToken);
},
'success': function (data, textStatus, jqXHR) {
},
'error': function (jqXHR, exception, m) {
console.log('Cannot move products from
}
});
The problem is that I keep getting this HTTP Status 403 - Bad or missing CSRF value but I set the token as a parameter in the data payload as well as on the request header.
Upvotes: 0
Views: 2863
Answers (1)
Antonio Ciolino
Reputation: 556
Isn't the beforeSend supposed to set the token to "X-CSRF-Token"? Maybe use ajaxSetup for your headers?
Example:
$.ajaxSetup({
headers: {
'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content')
}
});
Upvotes: 1
Related Questions
- 403 Forbidden Invalid CSRF
- Django csrf token missing or incorrect error 403
- Django server 403 (CSRF token missing or incorrect)
- CSRFGuard : required token is missing from the request
- Status 403 Invalid CSRF token in Post request from Postman
- How to fix "Forbidden (403) CSRF verification failed. Request aborted." error in django
- HTTP Status 403 - Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN'
- Error HTTP Status 403 - Invalid CSRF Token 'null' was found on the request parameter '_csrf' or header 'X-CSRF-TOKEN'
- HTTP Status 403 - Expected CSRF token not found
- Django 403 CSRF token missing or incorrect