Hi, I'm trying to make a post request from a logged in user through a view processed with Angular 6, with no Django template logic, and getting a 403 forbidden response.
Im using Django 2.0.3, DRF 3.8.3, and Angular 6 to make the request. A more thorough description of the problem can be found in my Stack Overflow post here <https://stackoverflow.com/questions/50546081/django-angular-403-django-not-accepting-csrf-cookie-csrf-token-missing-or-inco> but in short <https://lh3.googleusercontent.com/-mzwssFrCuD4/WwnowTasyuI/AAAAAAAAAG8/_kiBAWH3i9Q1VUzsaRmWKSXSAqxBaIP-gCLcBGAs/s1600/getCookie.png> I am getting the cookie right in my Angular app, as shown in the browser console here: <https://lh3.googleusercontent.com/-_9Rj7Cco6uo/Wwno3_RqFXI/AAAAAAAAAHA/Hl9GAKfoC0cvTrJ9IPOu-9viYckDTqkagCLcBGAs/s1600/postCookie.png> And it's being sent with the post request as is shown here: I've also tried to extract the 'csrftoken' value from the cookie and included it with my post request as 'csrfmiddlewaretoken':token. Neither has worked. I have set CSRF_USE_SESSIONS = False in my settings.py, and my default auth method with DRF is sessionauthentication. Anyone have any clues what might be going wrong here? -- You received this message because you are subscribed to the Google Groups "Django REST framework" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. For more options, visit https://groups.google.com/d/optout.
