Reputation: 1498
It's so weird. I'm testing my app controller methods on localhost:9000 using Postman. For my GET API methods I have no problem accessing them and getting a response, but for POST API methods I'm getting:
play.filters.CSRF - [CSRF] Check failed because no token found in headers
I've never seen this message...
I have the simplest controller:
def invoiceQA(): Action[JsValue] = Action.async(parse.json) { request =>
  Future { Ok(Json.toJson("""{"message": "got your json"}""")) }
}
My route:
POST /update controllers.MyController.update
In Postman I'm getting 403 Forbidden.
Postman address:
http://localhost:9000/update
Does someone know why that is?
Upvotes: 4
Views: 1066
Reputation: 8433
If you look at the Play ScalaCsrf Docs, the CSRF filter is configured and the check is made if any of the conditions are given:
- The request method is not GET, HEAD or OPTIONS.
- The request has one or more Cookie or Authorization headers.
- The CORS filter is not configured to trust the request’s origin.
If you don't want CSRF protection at all, you can just disable the filter by adding the following configuration (more info in the Play Filters Docs):
play.filters.disabled+=play.filters.csrf.CSRFFilter
Upvotes: 2
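For comparison with disabling the filter globally, here is a configuration sketch of the narrower options Play offers. It is an added example, not part of either post. It assumes Play 2.6 or later with the default filters enabled, and reuses the `/update` route from the question.

```hocon
# conf/application.conf  (added example, not from the posts above)

# Broad option from the answer: removes CSRF protection from every route.
# play.filters.disabled += play.filters.csrf.CSRFFilter

# Narrower option: keep the filter on, but let a request through when it
# carries a header that a cross-site HTML form cannot set.
play.filters.csrf.header.bypassHeaders {
  Csrf-Token = "nocheck"      # send "Csrf-Token: nocheck" from Postman
  X-Requested-With = "*"      # any value is accepted for this header
}

# Per-route option, placed in conf/routes rather than this file: tag the
# single endpoint with Play's "nocsrf" route modifier.
#   + nocsrf
#   POST  /update  controllers.MyController.update
```

With the header bypass in place, browser form posts without the header are still checked, so only clients that deliberately add the header (such as Postman or an API client) skip the token.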