
How to verify the CSRF token is working well in the browser while using Django and React

I am sorry in advance if the question is more of a beginner one, but I have built an application with a Django backend and a React frontend. Now I am trying to implement the CSRF token for the POST request on the create endpoint with the code below.

getCookie.js

import React from 'react';

const getCookie = (name) => {
    let cookieValue = null;
    if (document.cookie && document.cookie !== '') {
        const cookies = document.cookie.split(';');
        for (let i = 0; i < cookies.length; i++) {
            const cookie = cookies[i].trim();
            // Does this cookie string begin with the name we want?
            if (cookie.substring(0, name.length + 1) === (name + '=')) {
                cookieValue = decodeURIComponent(cookie.substring(name.length + 1));
                break;
            }
        }
    }
    return cookieValue;
}

export default getCookie;

CsrfToken.js

import React from 'react';
import getCookie from './getCookie';

var csrftoken = getCookie('csrftoken');

const CSRFToken = () => {
    return (
        <input type="hidden" name="csrfmiddlewaretoken" value={csrftoken} />
    );
};
export default CSRFToken;

Create.js

import React from 'react';
import axios from "axios";
import CsrfToken from './CsrfToken';

const Create = () => {
    ...

    const options = {
        headers: {
            'Content-Type': 'application/json',
        }
    };

    const handleSubmit = (e) => {
        e.preventDefault();

        axios.post("http://xyz/create/", fields, options)
        .then(response => {
          ...
        });
    };

    return (
        <>
            <div className="somecontainer">
                <div className="row">
                    <div className="col-md">
                        <Form onSubmit={handleSubmit}>
                            <CsrfToken />                {/* <==== CSRF TOKEN COMPONENT */}
                            <Form.Group className="sm-3" controlId="username">
                            <Form.Control
                                size="lg"
                                className="submit-button-text"
                                type="name"
                                placeholder="Enter username"
                                value={fields.name}
                                onChange={handleFieldChange}
                                />
                            </Form.Group>
...

Assuming the script above is correct (please let me know if it is not), where in the browser, using Chrome, inside the Network tab, do I check whether the CSRF feature is actually enabled whenever I generate a POST request?

I couldn't see it here:

[image]

If you are using Chrome: Inspect > Application > Cookies > csrftoken
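
An added example (not part of the original question or answer) of what to check on the request itself: `handleSubmit` in Create.js posts `fields` as JSON through axios, so the hidden `csrfmiddlewaretoken` input is not what Django reads, and the token has to travel in the `X-CSRFToken` header. The helper names are hypothetical, the cookie and header names are Django's defaults, and the sample cookie string is constructed.

```javascript
// Added example. Pure functions: in the browser, pass document.cookie as
// cookieString. Runs unchanged in Node for a quick check.

// Django's defaults (CSRF_COOKIE_NAME / CSRF_HEADER_NAME); change if overridden.
const CSRF_COOKIE = 'csrftoken';
const CSRF_HEADER = 'X-CSRFToken';
// Methods Django's CSRF middleware lets through without a token.
const SAFE_METHODS = ['GET', 'HEAD', 'OPTIONS', 'TRACE'];

// Return one cookie's value from an "a=1; b=2" string, or null if absent.
function readCookie(cookieString, name) {
  for (const part of (cookieString || '').split(';')) {
    const eq = part.indexOf('=');
    if (eq !== -1 && part.slice(0, eq).trim() === name) {
      return decodeURIComponent(part.slice(eq + 1).trim());
    }
  }
  return null;
}

// Headers for an axios/fetch call: copies the cookie value into X-CSRFToken.
function withCsrfHeader(cookieString, headers = {}) {
  const token = readCookie(cookieString, CSRF_COOKIE);
  if (!token) throw new Error(`${CSRF_COOKIE} cookie is not set yet`);
  return { ...headers, [CSRF_HEADER]: token };
}

// Report what the Network tab should show for a request about to be sent.
function auditCsrf(method, headers, cookieString) {
  if (SAFE_METHODS.includes(method.toUpperCase())) return 'not-required';
  const cookie = readCookie(cookieString, CSRF_COOKIE);
  if (!cookie) return 'cookie-missing';
  const key = Object.keys(headers).find(
    (h) => h.toLowerCase() === CSRF_HEADER.toLowerCase());
  if (!key || !headers[key]) return 'header-missing';
  // A differing value is not always wrong (Django also accepts a token rendered
  // by {% csrf_token %}), but it is unexpected when copied from the cookie.
  return headers[key] === cookie ? 'ok' : 'header-differs-from-cookie';
}

// Constructed sample cookie string (not a real token).
const sampleCookies = 'sessionid=abc123; csrftoken=EXAMPLEtoken0001';
const asPosted = { 'Content-Type': 'application/json' }; // options.headers in Create.js
console.log(auditCsrf('POST', asPosted, sampleCookies)); // header-missing
console.log(auditCsrf('POST', withCsrfHeader(sampleCookies, asPosted), sampleCookies)); // ok
```

In Chrome, the same facts are visible under Network > the POST request > Headers > Request Headers: look for `X-CSRFToken` alongside a `Cookie` line containing `csrftoken`. To confirm the server enforces it, send the request once without the header; Django answers 403 when CSRF protection is active on that view, and a 200 means the view is not checking.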
