4👍
✅
Normally this boils down to setting the headers correctly. There is an answer that already details this. The relevant part you need is this:
xhr.setRequestHeader("X-CSRFToken", token)
See the linked answer for details on getting the token from the cookies, for brevity I didn’t copy it from there. I don’t really know the context of your code, so this method of retrieval might not directly apply. Regardless, you need to get the token somehow.
When you have the token, add a header to the NSMutableURLRequest. Upon posting the request, the error should be gone.
[request addValue:token forHTTPHeaderField:@"X-CSRFToken"];
👤jro
7👍
Am I wrong or it just don’t make sense to use this on native app?
In that case, you could just disable this protection using this decorator:
from django.views.decorators.csrf import csrf_exempt
@csrf_exempt
def view_without_csrf_protection(request):
pass
- [Django]-Intermittent ImportError with Django package
- [Django]-Django – copy header from admin to all templates
- [Django]-How do I programmatically create a user with django_social_auth?
Source:stackexchange.com