Answer the question
In order to leave comments, you need to log in
J
J
Joirvy2019-03-04 14:24:56
Joirvy, 2019-03-04 14:24:56
Error with CSRF token from vue app in django?
I need to send a POST request from vue to django. I ran into an error: 
I am sending a request using axios:
import axios from 'axios';
axios.defaults.xsrfHeaderName = "X-CSRFToken";
axios.defaults.xsrfCookieName = "csrftoken";
axios.defaults.withCredentials = true;
axios({
method: 'post',
url: 'http://127.0.0.1:8000/test-result/',
data: {
userAnswers: this.userAnswers
},
});In settings.py I have corsheaders set: The
settings are also set:
ALLOWED_HOSTS = ['*']
CSRF_COOKIE_NAME = "csrftoken"
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
CORS_EXPOSE_HEADERS = (
'Access-Control-Allow-Origin: *',
)I have tried a lot of the methods described on the Internet and nothing has helped. Perhaps my mistake is related to something else?
1 answer(s)
@IKMOL
M
Mykola, 2019-03-04 @IKMOL
You are confusing CSRF with CORS.
CORS - You have configured, but not CSRF.
The correct solution is to make an API (with the help of DRF for example) and authorization through a token if you need it.
Another option is to read the Django Cross Site Request Forgery protection documentation - where it is indicated how to do this, and, in extreme cases (not recommended), disable CSRF for this url
Similar questions
M
I
A
S
J
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question