Post Requets not working CSRF Failed: CSRF token missing. #9246

philipphomberger · 2024-02-01T09:33:07Z

philipphomberger
Feb 1, 2024

I try using Django Restframework together with VueJS and axion.
But always I get the MSG:
CSRF Failed: CSRF token missing.

But my Header in the frontend looks correct. And in the developer tools the cockie is correct loading into the header.
{
"Accept": "application/json, text/plain, /",
"Content-Type": "application/json",
"X-CSRFToken": "*******"
}

my csrf settings in django settings.py

CSRF_COOKIE_NAME = "csrftoken"
CSRF_HEADER_NAME = 'X-CSRFTOKEN'
CSRF_TRUSTED_ORIGIN = ['http://.127.0.0.1', 'http://.localhost']
CSRF_COOKIE_HTTPONLY = False
CSRF_COOKIE_SECURE= False

I have no problems with the get requests. Only than it come to POST, PUT, DELETE.

Thank you for your advice.

With regards
Philipp Homberger

Answered by philipphomberger

Feb 8, 2024

Hi, there was a cache problem in my Browser or so. So the HTTP Only Attribute was still set to true. Because of this my Java Script client could not use the Csrf toke.

View full answer

FaridMalekpour · 2024-02-07T09:27:19Z

FaridMalekpour
Feb 7, 2024

is the CSRF middleware included in Django project's MIDDLEWARE setting in settings.py?

MIDDLEWARE = [
    ...
    'django.middleware.csrf.CsrfViewMiddleware',
    ...
]

4 replies

philipphomberger Feb 8, 2024
Author

Hi, there was a cache problem in my Browser or so. So the HTTP Only Attribute was still set to true. Because of this my Java Script client could not use the Csrf toke.

Answer selected by philipphomberger

FaridMalekpour Feb 8, 2024

Glad to hear the problem is solved🤝

S-t4r Sep 6, 2024

Hi, there was a cache problem in my Browser or so. So the HTTP Only Attribute was still set to true. Because of this my Java Script client could not use the Csrf toke.

I am so grateful that you post this solution, I was having such a fruastrating time.

Beki78 Oct 5, 2024

tnx mate I think I was having the same problem when I changed the browser it worked like a charm😌

S-t4r · 2024-10-05T08:59:39Z

S-t4r
Oct 5, 2024

I was banging my head on the table for 2 hours! 😹

…

On Sat, Oct 5, 2024, 11:43 AM Bereket Getachew ***@***.***> wrote: tnx mate I think I was having the same problem when I changed the browser it worked like a charm😌 — Reply to this email directly, view it on GitHub <#9246 (reply in thread)>, or unsubscribe <https://github.com/notifications/unsubscribe-auth/A3QT4WJJOPH2JX7ZDQAF423ZZ6NR5AVCNFSM6AAAAABCURPDFGVHI2DSMVQWIX3LMV43URDJONRXK43TNFXW4Q3PNVWWK3TUHMYTAOBVGA4DINA> . You are receiving this because you commented.Message ID: <encode/django-rest-framework/repo-discussions/9246/comments/10850844@ github.com>

0 replies

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Post Requets not working CSRF Failed: CSRF token missing. #9246

{{title}}

Replies: 2 comments 4 replies

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

{{title}}

Select a reply

Post Requets not working CSRF Failed: CSRF token missing. #9246

philipphomberger Feb 1, 2024

Replies: 2 comments · 4 replies

FaridMalekpour Feb 7, 2024

philipphomberger Feb 8, 2024 Author

FaridMalekpour Feb 8, 2024

S-t4r Sep 6, 2024

Beki78 Oct 5, 2024

S-t4r Oct 5, 2024

philipphomberger
Feb 1, 2024

Replies: 2 comments 4 replies

FaridMalekpour
Feb 7, 2024

philipphomberger Feb 8, 2024
Author

S-t4r
Oct 5, 2024