CSRF Token setting and passage for Angular 6 http call to Django Endpoint

Asked Jun 27 '18 at 22:35

Active Jun 28 '18 at 00:36

Viewed 270 times

I am making a POST call to a Django endpoint from and Angular 6 app. What is the current preferred method for gathering, setting and passing the required CSRF token/cookie? Right now the error message that I'm getting says:

Forbidden (403) CSRF verification failed. Request aborted.

And the code trying to make the HTTP call is simply:

export class EmailService {
  constructor(private http: HttpClient) {}

  sendMailgunContactMessage(subject, name, email, policyNumber, message) {
    const body = {
      Subject: subject,
      Name: name,
      Email: email,
      PolicyNumber: policyNumber,
      Message: message
    };

    return this.http.post(SharedService.contactEmailUrl, body);
  }
}

This question is unique because it seeks a solution that keeps CSRF protection enabled (e.g. does not use @csrf_exempt() and does not comment out the CSRF middleware).

edited Jun 28 '18 at 00:36

asked Jun 27 '18 at 22:35

Austin

Possible duplicate of [django csrf for api that works with ios apps](https://stackoverflow.com/questions/16371302/django-csrf-for-api-that-works-with-ios-apps) – Eduardo Jun 27 '18 at 23:15

CSRF Token setting and passage for Angular 6 http call to Django Endpoint

0 Answers0