Answer the question
In order to leave comments, you need to log in
How to send a request to a site that uses csrfmiddlewaretoken?
Good day.
There is a need to send a request on one of the sites using a python script.
The script is written, the request should be sent using requests.post.
In the transmitted form data, in addition to the information fields, there is a csrfmiddlewaretoken.
As I found out, this is a generated string created from a hash of the session ID plus some secret key. With each request, it is different every time.
When sending a previously used csrfmiddlewaretoken, such a request will be rejected.
If csrfmiddlewaretoken is not sent at all - 403, respectively.
There is a csrftoken field in cookies, but it is always the same, unlike csrfmiddlewaretoken, which is different for each request. Sending csrftoken to csrfmiddlewaretoken does not work.
Is this a dead end or is it possible to somehow receive this csrfmiddlewaretoken before sending the intended request and already send it by inserting it into the request body?
Thank you.
Answer the question
In order to leave comments, you need to log in
Pull xpatch or similar csrfmiddlewaretoken tool each time a request is sent.
And substitute it in a new request. Thus creating a new request.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question