krakenjs angularjs $http method="delete" not working

Question

In KrakenJs, I found a workover to make POST/PUT/DELETE requests without turning off "csrf" by passing a "_csrf" parameter in the body

In index.dust ->

    <input id="csrfid" type="hidden" name="_csrf" value="{_csrf}">

In myScripts.js ->

    var csrf = document.getElementById('csrfid').value;
    $http({  method: 'POST',
        url: 'http://localhost:8000/myRoute/',
        data: { '_csrf': csrf, 'object': myObject }
      }).success(function(result) {
        //success handler
      }).error(function(result) {
        //error handler
      });

It works with POST/PUT requests flawlessly. But when I try to make DELETE it fails with 500

However I have tried jQuery DELETE and that worked fine... The problem is with AngularJs... Anybody encountered it earlier?

score 0 · Answer 1 · answered Feb 25 '14 at 18:34

0

Which version of angular.js are you using?

Based on this discussion, it looks like angular.js will not send a request body if you use the shortcut method $http.delete, but will if you use {method: 'DELETE'}. There's also concern that in general some browsers don't send the body of a delete request, but that doesn't seem to be your issue since it work with JQuery.

I ask about the version of angular.js since it may be that this workaround doesn't work in some versions.

answered Feb 25 '14 at 18:34

Geoff Genz

2,006
17
20

AngularJS v1.2.13 Is there any other known workaround so that I can make delete requests.. without making "csrf" off.. I don't want to include jQuery for this reason alone in my project. – rjnpnigrhi Feb 25 '14 at 18:43
It looks like you can set headers as a different csrf workaround? http://stackoverflow.com/questions/14109927/angular-js-verify-csrf-token-in-post-request – Geoff Genz Feb 25 '14 at 18:59

krakenjs angularjs $http method="delete" not working

1 Answers1