[Django]-Upload file to django server using curl

4👍

Try something like this:

curl -i --form docfile=@localfilename http://wings.spectrumserver/sdm/lists

If it doesn’t work, post your header response. -i tells curl to print the header response.

0👍

I think it’s the CSRF token that is missing.

{% csrf_token %}

Look at the Django docs on Cross Site Request Forgery protection.
It is a token generated to make sure the form is submitted from the same domain.
You can either disable the CSRF protection by removing the tag from the template,
or try here for how to pass it using curl.

Btw, if all you want is uploading using a Python script, I would recommend using requests.

import requests

url = 'http://wings.spectrumserver/sdm/lists'
with open('file.ext', 'rb') as f:  # close the file once the upload finishes
    r = requests.post(url, files={'file': f})
👤yossi

0👍

I can’t help solve this with curl.

But if you can program in Python 3:

Django has protection for Cross Site Reference Forgery (CSRF).

You need to use the CSRF cookie and the hidden CSRF in the FORM.

So you first need to GET the download page (like a browser), extract the CSRFs and make the POST including this data.

And the POST must be in multipart/form-data format.

One way to see what this format looks like, on a Linux machine:

1 – Create a Django upload page where the form ACTION points to (say) http://127.0.0.1:2222/

2 – Open a terminal and execute:
nc -l 127.0.0.1 2222 2>&1 | less

3 – Open the browser in the upload page, fill the form with some small text to upload, and press the upload button. The browser will complain, no problem…

4 – In the terminal you will see how the browser uploads the file using POST & multipart/form-data

To implement a solution:

5 – Check the link http://blog.spotflux.com/uploading-files-python-3 where it uses python3 to make the POST in multipart/form-data format.

6 – You will need to make some changes in this example to include the cookie in the post.

Use html.parser.HTMLParser to parse the HTML page.

It works fine, but I can’t post the code.

I didn’t try to use requests.get() and requests.post().
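The GET-then-POST flow described in the answer above, as an added example that is not code from the original page or from any of the posters: it parses the hidden token with html.parser.HTMLParser and builds the multipart/form-data POST carrying both the cookie and the form field. It assumes Django's default names (`csrftoken` cookie, `csrfmiddlewaretoken` field) and the `docfile` field from the curl answer; the sample page and token values are constructed.

```python
import uuid
import urllib.request
from html.parser import HTMLParser

# Constructed sample of what a GET of the upload page returns (not captured traffic).
SAMPLE_PAGE = '''<form action="/sdm/lists" method="post" enctype="multipart/form-data">
<input type="hidden" name="csrfmiddlewaretoken" value="CONSTRUCTED-FORM-TOKEN">
<input type="file" name="docfile"><input type="submit" value="Upload"></form>'''
SAMPLE_COOKIE = "CONSTRUCTED-COOKIE-TOKEN"  # constructed value of the csrftoken cookie


class CsrfFieldParser(HTMLParser):
    """Collect the value of the hidden csrfmiddlewaretoken input (assumed default name)."""
    def __init__(self):
        super().__init__()
        self.token = None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "input" and a.get("name") == "csrfmiddlewaretoken":
            self.token = a.get("value")


def extract_form_token(html):
    parser = CsrfFieldParser()
    parser.feed(html)
    if parser.token is None:
        raise ValueError("no csrfmiddlewaretoken field in page")
    return parser.token


def build_upload(url, cookie_token, form_token, filename, data, field="docfile"):
    """Build (not send) the multipart/form-data POST carrying both CSRF values."""
    boundary = uuid.uuid4().hex
    parts = [
        f'--{boundary}\r\nContent-Disposition: form-data; name="csrfmiddlewaretoken"'
        f"\r\n\r\n{form_token}\r\n".encode(),
        f'--{boundary}\r\nContent-Disposition: form-data; name="{field}"; '
        f'filename="{filename}"\r\nContent-Type: application/octet-stream\r\n\r\n'.encode(),
        data, f"\r\n--{boundary}--\r\n".encode(),
    ]
    headers = {"Content-Type": f"multipart/form-data; boundary={boundary}",
               "Cookie": f"csrftoken={cookie_token}"}
    return urllib.request.Request(url, data=b"".join(parts), headers=headers, method="POST")


REQ = build_upload("http://wings.spectrumserver/sdm/lists", SAMPLE_COOKIE,
                   extract_form_token(SAMPLE_PAGE), "file.ext", b"hello\n")
```

Passing `REQ` to `urllib.request.urlopen` sends it; in a live run both values come from the real GET response (the Set-Cookie header and the form HTML). Over HTTPS Django also checks the Referer header, so set it to the page URL.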
