subject:"CSRF and API Calls"

Re: CSRF and API Calls

2017-09-25 Thread Tom Gorup

groups.com ] *On Behalf Of *Tom Gorup > *Sent:* Friday, September 22, 2017 8:46 AM > *To:* Django users > *Subject:* CSRF and API Calls > > > > I'm having a bit of an issue. I'm attempting to utilize a Javascript/React > App to interact with a Django backend without the

RE: CSRF and API Calls

2017-09-22 Thread Matthew Pava

@googlegroups.com [mailto:django-users@googlegroups.com] On Behalf Of Tom Gorup Sent: Friday, September 22, 2017 8:46 AM To: Django users Subject: CSRF and API Calls I'm having a bit of an issue. I'm attempting to utilize a Javascript/React App to interact with a Django backend without

CSRF and API Calls

2017-09-22 Thread Tom Gorup

I'm having a bit of an issue. I'm attempting to utilize a Javascript/React App to interact with a Django backend without the use of templates (hence no {%csrftoken%} available). As I understand CSRF middleware, the CSRF token comes with the form on the GET and is provided in the POST; however,