"CSRF verification failed. Request aborted" while making json request

Asked Dec 29 '13 at 18:59

Active Dec 29 '13 at 19:20

Viewed 272 times

While making json request from backbone.js app, I'm getting an error:

CSRF verification failed. Request aborted.

I have set the X-CRSF-TOKEN, but still it showing 403 forbidden error .

In backbone,js app i have the following code:

$.ajaxPrefilter( function( options, originalOptions, jqXHR ) {
        options.xhrFields = {
          withCredentials: true
        };
        // If we have a csrf token send it through with the next request
        console.log("that.get('_csrf')");
        console.log(that.get('_csrf'));
        if(typeof that.get('_csrf')  !== 'undefined') {
         jqXHR.setRequestHeader('X-CSRF-Token', that.get('_csrf'));
        }
      });
    },

In console i have the crsf token value:

X-CSRF-Token:V30RZC23TQ015YQO5KCKCPI2RWSTWIOH

edited Dec 29 '13 at 19:20

mariodev

13,928
3
49
61

asked Dec 29 '13 at 18:59

ruser1701621

what is `that` where does it come from? CSRF are per session/connection, they cannot be reused. They should be obtained from the page you are accessing. – Noam Rathaus Dec 29 '13 at 20:17
And `this` object is? I mean, where does _csrf come from? – Noam Rathaus Dec 29 '13 at 20:26
Possible duplicate of [Django CSRF verification failed. Request aborted.- CSRF cookie not set](http://stackoverflow.com/questions/21498682/django-csrf-verification-failed-request-aborted-csrf-cookie-not-set) – Paul Sweatte Nov 22 '15 at 05:27

"CSRF verification failed. Request aborted" while making json request

0 Answers0