What are some reasons I could be getting a "Forbidden (CSRF cookie not set.)" error when trying to send a delete request?

Question

This is really confusing me because I know I'm setting the csrftoken correctly in the header. When I try and send the delete request on Postman I get the same error. I've been searching for a solution for hours and can't seem to find anything good! Do you know what could possibly be happening?

This is some relevant frontend code

var csrftoken = this.getCookie('csrftoken');
axios.defaults.headers.delete['X-CSRFToken'] = csrftoken
axios.defaults.headers.delete['X-Requested-With'] = 'XMLHttpRequest'
axios
  .delete(`http://localhost:8000/api/todos/${item.id}`)
  .then(res => this.refreshList());

Let me know if you need anymore info. Any help will be appreciated.

Gavin Shrestha · Answer 1 · 2021-02-25T22:03:25.113

0

I found the problem. My Delete URL pattern had a slash at the end, and as you can see here, there is no slash after the ID in the axios request. A classic blunder for a coder. I hate small bugs like this, don't you? Still can't help but smile now that it's gone though. I suppose you only learn to check for small things like this with experience. Such is the journey of a young web developer.

edited Feb 25 '21 at 22:03

answered Feb 25 '21 at 21:56

Gavin Shrestha

1
1

What are some reasons I could be getting a "Forbidden (CSRF cookie not set.)" error when trying to send a delete request?

1 Answers1