HTTP Status 403 - Bad or missing CSRF value but the csrf token is set
Question
I have an ajax request which looks like this:
$.ajax({
headers: {
'Accept': 'application/json',
'Content-Type': 'application/json'
},
'url': defaults.addToCartUrl,
'data': JSON.stringify({CSRFToken: Config.CSRFToken,currentUser: currentCustomer, entries: cartItems}),
'type': 'POST',
'dataType': 'json',
beforeSend: function(xhr) {
xhr.setRequestHeader('X-CSRFToken', Config.CSRFToken);
},
'success': function (data, textStatus, jqXHR) {
},
'error': function (jqXHR, exception, m) {
console.log('Cannot move products from
}
});
The problem is that I keep getting this HTTP Status 403 - Bad or missing CSRF value but I set the token as a parameter in the data payload as well as on the request header.
1 answers
solution1
1 2017-01-17 15:12:46
Isn't the beforeSend supposed to set the token to "X-CSRF-Token"? Maybe use ajaxSetup for your headers?
Example:
$.ajaxSetup({
headers: {
'X-CSRF-Token': $('meta[name="csrf-token"]').attr('content')
}
});
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.
Related Question
HTTP Status 403 - Bad or missing CSRF value
HTTP Status 403 - Expected CSRF token not found
How do I set the X-CSRF-Token correctly in an Alexa POST Request to SAP HANA? (403 error)
CSRF token mismatch Laravel sanctum and Angular http
JWT Token and CSRF
Advantages of disposable csrf token
understanding of CSRF token
AngularJS remove `x-csrf-token` in $http.get
How can I add a csrf token on a http request in python?
CSRF token, for data retrieving request
Related Tags